{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2676", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-02-18T10:54:46.673Z", "datePublished": "2026-02-18T22:02:07.132Z", "dateUpdated": "2026-02-23T10:25:41.735Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:25:41.735Z"}, "title": "GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "Improper Authorization"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-266", "lang": "en", "description": "Incorrect Privilege Assignment"}]}], "affected": [{"vendor": "GoogTech", "product": "sms-ssm", "versions": [{"version": "e8534c766fd13f5f94c01dab475d75f286918a8d", "status": "affected"}], "modules": ["API Interface"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C"}}], "timeline": [{"time": "2026-02-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-02-18T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-02-18T11:59:52.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Jszdk (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.346469", "name": "VDB-346469 | GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346469", "name": "VDB-346469 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.749702", "name": "Submit #749702 | https://github.com/GoogTech/sms-ssm sms-ssm 1.0 Improper Privilege Management", "tags": ["third-party-advisory"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27", "tags": ["issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27#issuecomment-3828063958", "tags": ["issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27#issue-3878817166", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-19T16:00:40.674064Z", "id": "CVE-2026-2676", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T16:00:57.872Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2676", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-19T16:00:40.674064Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T16:00:50.660Z"}}], "cna": {"title": "GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization", "credits": [{"lang": "en", "type": "reporter", "value": "Jszdk (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:C"}}], "affected": [{"vendor": "GoogTech", "modules": ["API Interface"], "product": "sms-ssm", "versions": [{"status": "affected", "version": "e8534c766fd13f5f94c01dab475d75f286918a8d"}]}], "timeline": [{"lang": "en", "time": "2026-02-18T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-02-18T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-02-18T11:59:52.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.346469", "name": "VDB-346469 | GoogTech sms-ssm API LoginInterceptor.java preHandle improper authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.346469", "name": "VDB-346469 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.749702", "name": "Submit #749702 | https://github.com/GoogTech/sms-ssm sms-ssm 1.0 Improper Privilege Management", "tags": ["third-party-advisory"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27", "tags": ["issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27#issuecomment-3828063958", "tags": ["issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/issues/27#issue-3878817166", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/GoogTech/sms-ssm/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "Improper Authorization"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "Incorrect Privilege Assignment"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-02-23T10:25:41.735Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2676", "state": "PUBLISHED", "dateUpdated": "2026-02-23T10:25:41.735Z", "dateReserved": "2026-02-18T10:54:46.673Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-02-18T22:02:07.132Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component API Interface. Executing a manipulation can lead to improper authorization. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed."}, {"lang": "es", "value": "Se ha identificado una debilidad en GoogTech sms-ssm hasta e8534c766fd13f5f94c01dab475d75f286918a8d. La funci\u00f3n preHandle del archivo LoginInterceptor.java del componente Interfaz API est\u00e1 afectada por este problema. Si se ejecuta de forma manipulada puede llevar a una autorizaci\u00f3n impropia. El ataque puede realizarse en remoto. El exploit ha sido puesto a disposici\u00f3n del p\u00fablico y podr\u00eda ser utilizado para ataques. Este producto utiliza un sistema de entrega continua, y como tal, la informaci\u00f3n de la versi\u00f3n para las versiones afectadas o actualizadas no se divulga."}], "id": "CVE-2026-2676", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-02-18T23:16:20.910", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/GoogTech/sms-ssm/"}, {"source": "cna@vuldb.com", "url": "https://github.com/GoogTech/sms-ssm/issues/27"}, {"source": "cna@vuldb.com", "url": "https://github.com/GoogTech/sms-ssm/issues/27#issue-3878817166"}, {"source": "cna@vuldb.com", "url": "https://github.com/GoogTech/sms-ssm/issues/27#issuecomment-3828063958"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.346469"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.346469"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.749702"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}, {"lang": "en", "value": "CWE-285"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "e8534c766fd13f5f94c01dab475d75f286918a8d"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "sms-ssm", "source": "cna", "vendor": "GoogTech"}, "product": "sms-ssm", "vendor": "googtech"}], "analysis": {"en": {"generated_at": "2026-04-17T18:25:21.327848+00:00", "value": {"mitigation_remediation": ["Apply the latest vendor patch or update to a release that resolves the preHandle authorization issue.", "If no patch is available yet, restrict network access to the API endpoints by using firewall rules or IP whitelisting to limit connections to trusted hosts.", "Enable logging and actively monitor authentication logs for unusual access patterns, and alert on repeated failures or unauthorized bypass attempts."], "summary": {"action": "Apply Patch", "impact": "Authorization Bypass"}, "threat_synthesis": {"affected_systems": "Affected is the GoogTech sms-ssm API interface component. All releases up to commit e8534c766fd13f5f94c01dab475d75f286918a8d are vulnerable. The product uses a rolling release model, so the exact version is not disclosed; the fix will appear in future releases.", "description_and_impact": "The weakness lies in the preHandle method of LoginInterceptor.java in GoogTech sms-ssm, allowing an attacker to bypass proper authorization checks. This flaw corresponds to the common weaknesses of improper privilege management and incorrect authentication, and lets a remote actor gain unauthorized access to protected API endpoints. The attacker can read, modify, or delete data that should be restricted, compromising confidentiality and integrity of the system.", "risk_and_exploitability": "CVSS score 5.3 indicates moderate severity, but EPSS is less than 1%, pointing to a low exploitation probability. The vulnerability is not catalogued in KEV, yet an exploit has been publicly released. The primary threat comes from remote actors targeting the API endpoints, potentially achieving unauthorized access. The risk remains until a patch is applied, though current exploitation likelihood is low."}}}}, "created": "2026-02-19T10:10:37.268583+00:00", "updated": "2026-04-17T18:30:05.656220+00:00", "vendors": ["googtech", "googtech$PRODUCT$sms-ssm"]}