PT-2026-27178 · Unknown · Mantis Bug Tracker

Jbince · Published 2026-03-23 · Updated 2026-03-27

CVE-2026-30849
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Mantis Bug Tracker versions prior to 2.28.1
Description: Mantis Bug Tracker is an open source issue tracker. Instances running on a MySQL-family database are affected by an authentication bypass in the SOAP API caused by missing type checking on the password parameter. An attacker who knows a victim's username can log in to the SOAP API without the password, using a crafted SOAP envelope, and then execute any SOAP API function the victim's account is permitted to use. The root cause is MySQL's implicit string-to-number conversion when a string column is compared against a non-string value during the password check; database engines that reject such comparisons are not affected. Disabling the SOAP API reduces the risk, but an attacker can still retrieve user account information, including email address and real name.
Recommendations: Update installations running versions prior to 2.28.1 to version 2.28.1 or later. As a workaround, disable the SOAP API, keeping in mind that this only reduces the exposure (user account information remains retrievable, as noted above).
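The database behaviour the bypass relies on, shown as an added SQL example for MySQL/MariaDB. This is not MantisBT's code or schema: the table demo_user, its columns and the two MD5 hashes (of 'password' and '123456') are constructed for illustration, and the integer literals stand in for a bound parameter that a SOAP client typed as an integer rather than a string.

```sql
-- Added example: how a string password column matches an integer in MySQL.
-- Constructed for this advisory; not MantisBT's schema or queries.
-- Run on MySQL or MariaDB. PostgreSQL rejects text = integer with a type error,
-- which is why the bypass is limited to MySQL-family backends.

-- 1. String-to-integer comparison converts the STRING to a number:
--    the leading numeric prefix is used, and a string with none becomes 0.
SELECT 'abc' = 0        AS no_digits_is_zero,       -- 1
       '5f4dcc3b' = 5   AS leading_digit_prefix,    -- 1
       '5f4dcc3b' = '5' AS string_vs_string;        -- 0: no coercion when both are strings

-- 2. Constructed user table holding hex MD5 digests as strings.
CREATE TEMPORARY TABLE demo_user (
  id       INT PRIMARY KEY,
  username VARCHAR(64) NOT NULL,
  password CHAR(32)    NOT NULL   -- md5('password') / md5('123456')
);
INSERT INTO demo_user VALUES
  (1, 'administrator', '5f4dcc3b5aa765d61d8327deb882cf99'),
  (2, 'reporter',      'e10adc3949ba59abbe56e057f20f883e');

-- 3. Vulnerable pattern: the password placeholder receives an integer.
--    'e10adc…' has no numeric prefix, so it coerces to 0 and the row matches.
SELECT id, username FROM demo_user
 WHERE username = 'reporter' AND password = 0;          -- returns row 2
SHOW WARNINGS;  -- only a warning (1292, Truncated incorrect DOUBLE value), not an error
--    '5f4dcc…' coerces to 5, so a small integer is enough for this account too.
SELECT id, username FROM demo_user
 WHERE username = 'administrator' AND password = 5;     -- returns row 1
--    The same comparison with a string parameter does not match.
SELECT id, username FROM demo_user
 WHERE username = 'reporter' AND password = '0';        -- empty

-- 4. Defence in depth if the application-side type check is missed:
--    force a string-to-string comparison so the integer becomes '0', not 0.
SELECT id, username FROM demo_user
 WHERE username = 'reporter' AND password = CAST(0 AS CHAR);  -- empty
```

Because the coercion keys on the leading characters of the stored value, an attacker who does not know the hash only has to try a handful of small integers; for hex digests, every hash that starts with a letter collapses to 0. The real fix belongs in the application (reject a non-string password before it reaches the query), and the CAST above is shown only as a backstop for a forgotten check.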

Related Identifiers

CVE-2026-30849
GHSA-phrq-pc6r-f6gh

Affected Products

Mantis Bug Tracker
MySQL Server