CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Craftycontrol: >> Crafty Controller >> 4.6.2 Security Vulnerabilities

CVE-2026-5652

An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation.

CVSS Score

9.0

EPSS Score

0.002

Published

2026-04-21

CVE-2026-0805

An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.

CVSS Score

8.2

EPSS Score

0.001

Published

2026-01-30

Page 1

Vulnerabilities

Vulnerable Software

Craftycontrol: >> Crafty Controller >> 4.6.2 Security Vulnerabilities

Products

Pricing

Contact Us