CVE-2026-40543EPSS p25.3%

CVE-2026-40543CVE-2026-40543

Description

SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases with usernames and password hashes, as well as the config.csv file, which includes additional sensitive information. This issue affects SOPlanning version 1.55 and below.

Scoring

EPSS0.34% probability of exploitation · percentile 25.3% · 2026-06-18T12:00:27Z
Last modified2026-06-01

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-40547
CVE
CVE-2026-40544
CVE
CVE-2026-40546
CVE
CVE-2026-40548
CVE
CVE-2026-40549
CVE
CVE-2026-40545
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.