cyberMEDIUM2026-05-09 20:16 UTC

CVE-2026-42569 - phpvms: /importer authorization bypass causing full database wipe

CVE ID :CVE-2026-42569 Published : May 9, 2026, 8:16 p.m. | 48 minutes ago Description :phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access to a legacy import feature. This issue has been patched

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] Help with an Escalating Cyber-Stalker
[CYBER] Cheap Dedicated CI/CD Runners for GitLab: Shared vs Self-Hosted vs Rented
[CYBER] Cyber fraudsters dupe Goans of Rs 46 L through fake online schemes - navhindtimes.in
[CYBER] CVE-2026-8195 - JeecgBoot SVG File CommonController.java cross site scripting
[CYBER] CVE-2026-8194 - osTicket Dispatcher class.dispatcher.php cross-site request forgery
[CYBER] CVE-2026-42606 - AzuraCast: Password Reset Poisoning via Untrusted X-Forwarded-Host Header Leads to Account Takeover and 2FA Bypass

Editorial policy · Report a correction