CVE-2026-31909

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Apache OFBiz versions prior to 24.09.06

Description An issue in Apache OFBiz allows for the exposure of sensitive information to an unauthorized actor, specifically leading to the unauthenticated disclosure of shipment label images.

Recommendations Upgrade to version 24.09.06.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2026-31909

Affected Products

Apache Ofbiz

CVE-2026-31909

Weakness Enumeration

Related Identifiers

Affected Products

References · 4