CVE-2026-2174CRITICAL 9.8EPSS p42.3%

CVE-2026-2174CVE-2026-2174

Description

A security flaw has been discovered in code-projects Contact Management System 1.0. This affects an unknown part of the component CRUD Endpoint. The manipulation of the argument ID results in improper authentication. The attack may be launched remotely.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.56% probability of exploitation · percentile 42.3% · 2026-06-19T12:03:05Z
Published2026-02-08
Last modified2026-02-11

Underlying weaknesses· 1

CWE-287

References

  1. https://code-projects.org/
  2. https://vuldb.com/?ctiid.344875
  3. https://vuldb.com/?id.344875
  4. https://vuldb.com/?submit.749262

1

TypeTargetConfidenceTier
WeaknessImproper Authenticationcwe-2870%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-2176
CVE
CVE-2026-0567
CVE
CVE-2025-7186
CVE
CVE-2025-12283
CVE
CVE-2025-12243
CVE
CVE-2025-7199
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.