Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2026-42731: miniOrange OTP Verification: Unauthorized Access to Sensitive Data
CVE-2026-42731
Summary
A vulnerability in miniOrange OTP Verification software allows attackers to gain access to sensitive data or functions they shouldn't have. This affects versions up to 5.4.9. To stay secure, update to a fixed version as soon as possible.
Original title
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n...
Original description
Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through <= 5.4.9.
nvd CVSS3.1
9.8
Vulnerability type
CWE-266
Incorrect Privilege Assignment
Published: 27 May 2026 · Updated: 28 May 2026 · First seen: 27 May 2026