{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-31052", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-24T16:04:54.622Z", "dateReserved": "2026-03-09T00:00:00.000Z", "datePublished": "2026-04-24T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-24T14:18:36.768Z"}, "descriptions": [{"lang": "en", "value": "An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component"}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://hostbillapp.com/changelog"}, {"url": "https://hostbillapp.com/release-notes/11-27-2025.html"}, {"url": "https://blog.hostbillapp.com/2025/12/03/hostbill-security-advisory/"}, {"url": "https://hostbillapp.com/responsible-disclosure"}, {"url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "references": [{"url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-24T16:03:05.653987Z", "id": "CVE-2026-31052", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-24T16:04:54.622Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-31052", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-24T16:03:05.653987Z"}}}], "references": [{"url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description", "tags": ["exploit"]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-24T16:03:57.628Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://hostbillapp.com/changelog"}, {"url": "https://hostbillapp.com/release-notes/11-27-2025.html"}, {"url": "https://blog.hostbillapp.com/2025/12/03/hostbill-security-advisory/"}, {"url": "https://hostbillapp.com/responsible-disclosure"}, {"url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description"}], "descriptions": [{"lang": "en", "value": "An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-24T14:18:36.768Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31052", "state": "PUBLISHED", "dateUpdated": "2026-04-24T16:04:54.622Z", "dateReserved": "2026-03-09T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-24T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to cause a denial of service via the Checkout Authentication Flow component"}], "id": "CVE-2026-31052", "lastModified": "2026-04-24T17:55:55.317", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-24T15:16:27.210", "references": [{"source": "cve@mitre.org", "url": "https://blog.hostbillapp.com/2025/12/03/hostbill-security-advisory/"}, {"source": "cve@mitre.org", "url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description"}, {"source": "cve@mitre.org", "url": "https://hostbillapp.com/changelog"}, {"source": "cve@mitre.org", "url": "https://hostbillapp.com/release-notes/11-27-2025.html"}, {"source": "cve@mitre.org", "url": "https://hostbillapp.com/responsible-disclosure"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/Muhammad5235/HostBill-CVEs-2025/blob/main/Rate%20Limit%20Bypass/Description"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[2025-11-24,2025-12-01]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "hostbill", "vendor": "hostbillapp"}], "analysis": {"en": {"generated_at": "2026-04-28T07:08:33.088399+00:00", "value": {"mitigation_remediation": ["Update Hostbill to a version released after 2025\u201112\u201101 that resolves the checkout authentication flow issue, following the hostbill changelog and release notes.", "If an immediate upgrade is not possible, implement rate limiting or CAPTCHA on the checkout authentication endpoint to prevent automated request flooding.", "Continuously monitor checkout logs for unusually high request rates or repeated authentication failures, and block or alert on suspicious patterns."], "summary": {"action": "Apply patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Hostbill. Versions 2025\u201111\u201124 and 2025\u201112\u201101 are affected. Any deployment of these versions should be considered at risk until the issue is mitigated.", "description_and_impact": "The vulnerability exists in the Checkout Authentication Flow component of Hostbill and permits a remote attacker, by sending crafted requests, to trigger resource exhaustion that brings the service down. This flaw is classified as CWE-400, indicating that input from an attacker is poorly validated leading to denial\u2011of\u2011service. The impact is a loss of availability of the checkout process and potentially the entire billing system while the denial of service is active.", "risk_and_exploitability": "The CVSS score of 5.3 identifies the vulnerability as moderate severity. The EPSS score of less than 1% shows that, as of now, exploitation is unlikely, and it is not listed in CISA\u2019s KEV catalog. The attack vector is remote and relies on interacting with the checkout authentication flow, so any exposed web interface that processes checkout requests is a potential entry point. Because the exploitation requires sending repeated or malformed requests, the risk is reduced but not negligible for attackers with enough persistence or resources."}}}}, "created": "2026-04-27T19:15:11.632704+00:00", "title": "Denial of Service via Checkout Authentication Flow in Hostbill", "updated": "2026-04-28T07:15:19.375103+00:00", "vendors": ["hostbillapp", "hostbillapp$PRODUCT$hostbill"]}