How severe is CVE-2026-54104?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Civilian Board Of Contract Appeals Electronic Docketing System (Eds)

CVE-2026-54104

The U.S. Government Accountability Office (GAO) Electronic Protest Docketing System (EPDS) and Civilian Board of Contract Appeals (CBCA) Electronic Docketing System (EDS) trusts client-provided values for the 'epds_role_id' parameter witho…

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Civilian Board Of Contract Appeals Electronic Docketing System (Eds) — versions 0, 2026-03-19
Government Accountability Office Electronic Protest Docketing System (Epds) — versions 0, 2026-02-22

Weakness classification (CWE)

CWE-602

References

9119a7d8-5eab-497f-8521-727c672e3725 (vdb-entry)
9119a7d8-5eab-497f-8521-727c672e3725 (product)
9119a7d8-5eab-497f-8521-727c672e3725 (product)
9119a7d8-5eab-497f-8521-727c672e3725

Frequently asked questions

What is CVE-2026-54104?: CVE-2026-54104 is a high-severity vulnerability in Civilian Board Of Contract Appeals Electronic Docketing System (Eds), classified under CWE-602. CVSS score: 8.8/10. Published 2026-06-18.
How severe is CVE-2026-54104?: High severity. CVSS v3 base score is 8.8 out of 10.