Home

Description

Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04.

PUBLISHED Reserved 2026-06-02 | Published 2026-06-23 | Updated 2026-06-23 | Assigner TR-CERT




HIGH: 8.8CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-306 Missing authentication for critical function

Product status

Default status
unaffected

12.05.03 (custom) before 12.05.04
affected

Credits

Muhammed İbrahim TEKİN finder

References

siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0428 government-resource

cve.org (CVE-2026-10711)

nvd.nist.gov (CVE-2026-10711)

Download JSON