← back
CVE-2026-8377

Improper Authorization in Armiya Technologies' Access Control System

CVSS 8.2 HIGHEPSS 0.2%CWE-862
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Collect Data from Common Resource Locations. This issue affects Access Control System (GKS): before Version 2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N