CVE-2026-36035

CVE-2026-36035CVE-2026-36035

Description

Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver.

Scoring

Last modified2026-07-14
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.