CVE Watchtower


← Back to CVE List

CVE-2026-14261NVD

Vulnerability Summary

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control.
Severity Level
CRITICAL(9.1)
Published Date
Jul 9, 2026
Last Modified
Jul 9, 2026
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone