What is CVE-2026-48558?

CVE-2026-48558 is a critical-severity vulnerability, classified under Improper Verification of Cryptographic Signature. CVSS score: 10.0/10. Published 2026-06-12.

How severe is CVE-2026-48558?

Critical severity. CVSS v3 base score is 10.0 out of 10.

CVE-2026-48558

CVE-2026-48558

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted w…

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Weakness classification (CWE)

CWE-347 — Improper Verification of Cryptographic Signature

References

disclosure@vulncheck.com
disclosure@vulncheck.com
disclosure@vulncheck.com

Frequently asked questions

What is CVE-2026-48558?: CVE-2026-48558 is a critical-severity vulnerability, classified under Improper Verification of Cryptographic Signature. CVSS score: 10.0/10. Published 2026-06-12.
How severe is CVE-2026-48558?: Critical severity. CVSS v3 base score is 10.0 out of 10.