PT-2026-50422 · Fluxbuilder · Mstore Api
Published
2026-06-17
·
Updated
2026-06-17
·
CVE-2026-54817
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
MStore API versions prior to 4.18.4
Description
An authentication bypass using an alternate path or channel in the MStore API allows for password recovery exploitation.
Recommendations
Update to a version later than 4.18.4.
Fix
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mstore Api