What is CVE-2026-31836?

CVE-2026-31836 is a high-severity vulnerability in Bluewave-labs Checkmate, classified under Improper Authorization. CVSS score: 8.1/10. Published 2026-03-20.

How severe is CVE-2026-31836?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Bluewave-labs Checkmate

CVE-2026-31836

Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions from 3.5.1 and prior, a mass assignment vulnerabilit…

EPSS: 0.000 (14.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N.

Affected products

Bluewave-labs Checkmate — versions <= 3.5.1

Weakness classification (CWE)

CWE-285 — Improper Authorization
CWE-269 — Improper Privilege Management

References

https://github.com/bluewave-labs/Checkmate/security/advisories/GHSA-6368-x7wr-wpm2 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-31836?: CVE-2026-31836 is a high-severity vulnerability in Bluewave-labs Checkmate, classified under Improper Authorization. CVSS score: 8.1/10. Published 2026-03-20.
How severe is CVE-2026-31836?: High severity. CVSS v3 base score is 8.1 out of 10.