Vulnerability in Krajowa Izba Rozliczeniowa Szafir Sdk Web
CVE-2026-26927
Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL (HTTP Origin) of the application call location. An unauthenticated…
EPSS: 0.000 (3.8th percentile) — read the EPSS interpretation.
Affected products
- Krajowa Izba Rozliczeniowa Szafir Sdk Web — versions 0
Weakness classification (CWE)
References
- cert.pl/posts/2026/04/CVE-2026-26927 (third-party-advisory)
- www.elektronicznypodpis.pl/ (product)