Vulnerability in Sparx Systems Enterprise Architect

CVE-2026-42098

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any…

EPSS: 0.000 (13.6th percentile) — read the EPSS interpretation.

Affected products

Sparx Systems Enterprise Architect — versions 0

Weakness classification (CWE)

CWE-603

References

cvd@cert.pl (third-party-advisory)
cvd@cert.pl (product)
cvd@cert.pl (technical-description)
cvd@cert.pl (third-party-advisory)