CVE-2026-1619 - Vulnerability Analysis
HighCVSS: 8.3Last Updated: February 13, 2026
Universal Software Inc. FlexCity/Kiosk - Authorization Bypass
Overview
Universal Software Inc. FlexCity/Kiosk >= 1.0 and < 1.0.36 contains an authorization bypass caused by exploitation of trusted identifiers, letting attackers bypass authorization, exploit requires user-controlled key.
Severity & Score
Impact
Attackers can bypass authorization controls, gaining unauthorized access to restricted resources.
Mitigation
Upgrade to version 1.0.36 or later.
Social Media Activity(1 post)
š CVE-2026-1619 - High (8.3) Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. š https://www.thehackerwire.com/vulnerability/CVE-2026-1619/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-1619
- Severity
- High
- CVSS Score
- 8.3
- Type
- broken_access_control
- Status
- unconfirmed
- EPSS
- 3.8%
- Social Posts
- 1
CWE
- CWE-639
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L