CVE-2026-42096EPSS p44.0%

CVE-2026-42096CVE-2026-42096

sparxsystems / pro_cloud_server

Description

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.60% probability of exploitation · percentile 44.0% · 2026-06-18T12:00:27Z
Last modified2026-06-02

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-42097
CVE
CVE-2025-15625
CVE
CVE-2026-42100
CVE
CVE-2025-15623
CVE
CVE-2026-42099
CVE
CVE-2025-15624
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.