Auth bypass in Fossbilling
CVE-2026-42341
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment adapter is enabled…
Vulnerability class: Broken Authentication
Affected products
- Fossbilling — versions >= 0.6.0, < 0.8.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)