Skip to content
Threat Feed

Vendor

Vimesoft Inc.

3 briefs RSS
high advisory

Authentication Bypass Vulnerability in Vimesoft Enterprise Video Platform (CVE-2026-12691)

CVE-2026-12691 describes a critical authentication bypass vulnerability in Vimesoft Inc.'s Enterprise Video Platform versions from 3.11.0.0 before 3.25.0, allowing unauthenticated attackers to bypass security mechanisms for critical functions and potentially gain unauthorized access to sensitive information, with a CVSS v3.1 base score of 7.5.

Enterprise Video Platform authentication-bypass vulnerability web-application
1t 1c
critical advisory

CVE-2026-12693 Authorization Bypass in Vimesoft Enterprise Video Platform

A critical authorization bypass vulnerability, identified as CVE-2026-12693, exists in Vimesoft Inc.'s Enterprise Video Platform, affecting versions from 3.11.0.0 before 3.25.0, allowing an unauthenticated, remote attacker to gain unauthorized access to functionality not properly constrained by Access Control Lists (ACLs) via a user-controlled key, leading to high confidentiality and integrity impacts.

Enterprise Video Platform authorization-bypass vulnerability web-application
2t 1c
critical advisory

CVE-2026-12692: Unverified Password Change Vulnerability in Vimesoft Enterprise Video Platform

An unverified password change vulnerability (CVE-2026-12692) exists in Vimesoft Inc.'s Enterprise Video Platform, affecting versions from 3.11.0.0 up to, but not including, 3.25.0, which allows an attacker to bypass authentication mechanisms, potentially leading to unauthorized access to the platform by changing user passwords without proper verification.

Enterprise Video Platform +1 vulnerability authentication-bypass web-application cve critical-vulnerability
1t 2c 1i