{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30458", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-28T02:03:09.642Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-26T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T18:32:00.644Z"}, "descriptions": [{"lang": "en", "value": "An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/daylightstudio/FUEL-CMS"}, {"url": "http://daylight.com"}, {"url": "http://fuelcms.com"}, {"url": "https://pentest-tools.com/PTT-2025-025-Account-Takeover-via-Email-Array.pdf"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-620", "lang": "en", "description": "CWE-620 Unverified Password Change"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-28T01:59:12.597605Z", "id": "CVE-2026-30458", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T02:03:09.642Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30458", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-28T01:59:12.597605Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-620", "description": "CWE-620 Unverified Password Change"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-28T02:03:05.237Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/daylightstudio/FUEL-CMS"}, {"url": "http://daylight.com"}, {"url": "http://fuelcms.com"}, {"url": "https://pentest-tools.com/PTT-2025-025-Account-Takeover-via-Email-Array.pdf"}], "descriptions": [{"lang": "en", "value": "An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-26T18:32:00.644Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30458", "state": "PUBLISHED", "dateUpdated": "2026-03-28T02:03:09.642Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-26T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thedaylightstudio:fuel_cms:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3A44312-83D2-4421-9A35-3FD048EA578A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack."}, {"lang": "es", "value": "Un problema en Daylight Studio FuelCMS v1.5.2 permite a los atacantes exfiltrar tokens de restablecimiento de contrase\u00f1a de los usuarios mediante un ataque de divisi\u00f3n de correo."}], "id": "CVE-2026-30458", "lastModified": "2026-03-30T14:11:49.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-26T19:17:00.050", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "http://daylight.com"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "http://fuelcms.com"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/daylightstudio/FUEL-CMS"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://pentest-tools.com/PTT-2025-025-Account-Takeover-via-Email-Array.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-620"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.5.2"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 82.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "fuel_cms", "vendor": "daylightstudio"}], "analysis": {"en": {"generated_at": "2026-03-30T15:21:29.464677+00:00", "value": {"mitigation_remediation": ["Apply the latest FuelCMS update that addresses the token handling issue if an update is available.", "If no patch is available, disable the password reset functionality until a fix is released.", "Monitor authentication logs for anomalous reset requests or unusual token usage patterns.", "Implement network or application layer controls to block suspicious email requests that could trigger the flaw."], "summary": {"action": "Patch ASAP", "impact": "Exfiltration of password reset tokens, enabling account takeover"}, "threat_synthesis": {"affected_systems": "The affected system is Daylight Studio\u2019s FuelCMS, specifically version 1.5.2. Users running this version of the CMS are exposed, regardless of deployment environment, because the flaw resides in the core token management feature.", "description_and_impact": "An issue in Daylight Studio FuelCMS v1.5.2 permits attackers to extract users\u2019 password reset tokens through an email splitting technique. The vulnerability allows malicious actors to obtain tokens that would normally be protected, thereby enabling them to reset passwords without authorization. This directly undermines confidentiality and integrity of user accounts, posing a high risk of compromise.", "risk_and_exploitability": "The flaw carries a CVSS score of 9.1, indicating critical severity, while the EPSS score is below 1 percent, suggesting a low current exploitation probability. It is not listed in the CISA KEV catalog. The vulnerability can be leveraged remotely by sending crafted requests that manipulate the email handling logic to trigger token exfiltration, implying that users who receive such requests may be at immediate risk."}}}}, "created": "2026-03-27T08:36:23.116733+00:00", "updated": "2026-03-30T20:57:48.440331+00:00", "vendors": ["daylightstudio", "daylightstudio$PRODUCT$fuel_cms"]}