What is CVE-2026-3263?

CVE-2026-3263 is a medium-severity vulnerability in Go2ismail Asp.net-core-inventory-order-management-system, classified under Improper Authorization. CVSS score: 6.3/10. Published 2026-02-26.

How severe is CVE-2026-3263?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Auth bypass in Go2ismail Asp.net-core-inventory-order-management-system

CVE-2026-3263

A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manip…

EPSS: 0.001 (17.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R.

Affected products

Go2ismail Asp.net-core-inventory-order-management-system — versions 9.20250118

Weakness classification (CWE)

References

VDB-347986 | go2ismail Asp.Net-Core-Inventory-Order-Management-System Security API improper authorization (vdb-entry)
VDB-347986 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, permissions-required)
Submit #758335 | Indotalent Asp.Net-Core-Inventory-Order-Management-System v9.20250118 Improper Authorization (third-party-advisory)
github.com/Ghufran2/CVE-Asp.Net-Core-Inventory-Order-Management-System-Advisori… (related)

Frequently asked questions

What is CVE-2026-3263?: CVE-2026-3263 is a medium-severity vulnerability in Go2ismail Asp.net-core-inventory-order-management-system, classified under Improper Authorization. CVSS score: 6.3/10. Published 2026-02-26.
How severe is CVE-2026-3263?: Medium severity. CVSS v3 base score is 6.3 out of 10.