PT-2026-43456 · Yamcs · Yamcs

Published

2026-05-27

·

Updated

2026-06-01

·

CVE-2026-44596

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions YAMCS (affected versions not specified)
Description The authentication endpoint "POST /auth/token" in yamcs-core lacks rate limiting, account lockout, and failed attempt throttling. This allows an unauthenticated remote attacker to perform unlimited password guessing attempts against any user account, significantly increasing the risk of successful brute-force attacks. The issue resides in the handleToken() function within the yamcs-core/src/main/java/org/yamcs/http/auth/AuthHandler.java file, which processes authentication requests without any throttling mechanism or CAPTCHA.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Restriction of Excessive Authentication Attempts

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44596
GHSA-W5R6-MCGQ-7PQ4

Affected Products

Yamcs