Vendor
Authentication Bypass Vulnerability in Vimesoft Enterprise Video Platform (CVE-2026-12691)
1 TTP 1 CVECVE-2026-12691 describes a critical authentication bypass vulnerability in Vimesoft Inc.'s Enterprise Video Platform versions from 3.11.0.0 before 3.25.0, allowing unauthenticated attackers to bypass security mechanisms for critical functions and potentially gain unauthorized access to sensitive information, with a CVSS v3.1 base score of 7.5.
CVE-2026-12693 Authorization Bypass in Vimesoft Enterprise Video Platform
2 TTPs 1 CVEA critical authorization bypass vulnerability, identified as CVE-2026-12693, exists in Vimesoft Inc.'s Enterprise Video Platform, affecting versions from 3.11.0.0 before 3.25.0, allowing an unauthenticated, remote attacker to gain unauthorized access to functionality not properly constrained by Access Control Lists (ACLs) via a user-controlled key, leading to high confidentiality and integrity impacts.
CVE-2026-12692: Unverified Password Change Vulnerability in Vimesoft Enterprise Video Platform
1 TTP 2 CVEs 1 IOCAn unverified password change vulnerability (CVE-2026-12692) exists in Vimesoft Inc.'s Enterprise Video Platform, affecting versions from 3.11.0.0 up to, but not including, 3.25.0, which allows an attacker to bypass authentication mechanisms, potentially leading to unauthorized access to the platform by changing user passwords without proper verification.