Auth bypass in Fossbilling

CVE-2026-42341

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment adapter is enabled…

Vulnerability class: Broken Authentication

Affected products

Weakness classification (CWE)

References