{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-4562/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["CVE-2026-4562","authentication-bypass","web-application"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-4562 details a missing authentication vulnerability within MacCMS version 2025.1000.4052. The vulnerability is located in the \u003ccode\u003eapplication/api/controller/Timming.php\u003c/code\u003e file, specifically within the Timming API Endpoint component. This flaw allows unauthenticated remote attackers to execute actions that should normally require authentication. The vulnerability has been publicly disclosed, increasing the risk of exploitation. Defenders should prioritize identifying and mitigating…\u003c/p\u003e\n","date_modified":"2026-03-24T12:00:00Z","date_published":"2026-03-24T12:00:00Z","id":"/briefs/2026-03-maccms-auth-bypass/","summary":"A missing authentication vulnerability exists in MacCMS 2025.1000.4052, specifically affecting the Timming API Endpoint component in application/api/controller/Timming.php, allowing remote attackers to bypass authentication.","title":"MacCMS 2025.1000.4052 Missing Authentication Vulnerability (CVE-2026-4562)","url":"https://feed.craftedsignal.io/briefs/2026-03-maccms-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — CVE-2026-4562","version":"https://jsonfeed.org/version/1.1"}