3 matches found
CVE-2026-11414
creationtimestamp| type| source ---|---|--- 2026-06-05 21:00:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnkztxyif42t 2026-06-06 10:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116702696330101939 2026-06-06 10:30:29+00:00| seen|...
CVE-2026-11414 Unauthenticated File Exfiltration in Altium Enterprise Server Vault Service via Hard-coded Cryptographic Key and Path Traversal
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...
CVE-2026-11414
CVE-2026-11414 affects Altium Enterprise Server Vault service. The issue comprises two vulnerabilities: (1) a hard-coded cryptographic key used to sign file download URLs, identical across installations, enabling an unauthenticated network attacker to forge valid signatures and retrieve files fro...