CVE-2026-7195EPSS p28.3%

CVE-2026-7195CVE-2026-7195

progress / sitefinity

Description

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to compromise the integrity and confidentiality of user accounts. Successful exploitation requires user interaction and a non-default site configuration.

Scoring

CVSS 8.8 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.37% probability of exploitation · percentile 28.3% · 2026-06-18T12:00:27Z
Last modified2026-06-04

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-7198
CVE
CVE-2026-7201
CVE
CVE-2026-7312
CVE
CVE-2026-7313
CVE
CVE-2025-61809
CVE
CVE-2026-47930
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.