Vulnerability in Fossbilling

CVE-2026-43927

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending…

Vulnerability class: TOCTOU (Time-of-Check to Time-of-Use)

Affected products

Weakness classification (CWE)

References