Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
PcVue Web Features Still Use Outdated Password-Credential Sharing
CVE-2026-1693
Summary
The PcVue WebVue, WebScheduler, TouchVue, and Snapvue features in versions 12.0.0 through 16.3.3 use an outdated method to share passwords with remote services, which could allow an attacker to steal user credentials. This puts user accounts at risk of unauthorized access. Upgrade to a supported version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| arcinformatique | pcvue | > 12.0.0 , <= 15.2.13 | – |
| arcinformatique | pcvue | > 16.0.0 , <= 16.3.4 | – |
Original title
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 thr...
Original description
The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials.
nvd CVSS4.0
5.3
Vulnerability type
CWE-477
CWE-1390
Published: 26 Feb 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026