What is CVE-2026-5031?

CVE-2026-5031 is a medium-severity vulnerability in Bichitrogan Isp Billing Software, classified under Resource Injection. CVSS score: 4.3/10. Published 2026-03-29.

How severe is CVE-2026-5031?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Bichitrogan Isp Billing Software

CVE-2026-5031

A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?_route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control o…

EPSS: 0.000 (11.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Bichitrogan Isp Billing Software — versions 2025.3.20

Weakness classification (CWE)

CWE-99 — Resource Injection

References

VDB-353953 | BichitroGan ISP Billing Software Endpoint users-view resource injection (technical-description, vdb-entry)
VDB-353953 | CTI Indicators (IOB, IOC, IOA) (signature, permissions-required)
Submit #778530 | BichitroGan ISP Billing Software 2025.3.20 Insecure Direct Object Reference (IDOR) / Broken Access Control (third-party-advisory)
cna@vuldb.com (issue-tracking, exploit)

Frequently asked questions

What is CVE-2026-5031?: CVE-2026-5031 is a medium-severity vulnerability in Bichitrogan Isp Billing Software, classified under Resource Injection. CVSS score: 4.3/10. Published 2026-03-29.
How severe is CVE-2026-5031?: Medium severity. CVSS v3 base score is 4.3 out of 10.