CVE-2026-27637 - Vulnerability Analysis
Critical | CVSS: 9.8 | Last Updated: February 26, 2026
FreeScout - Authentication Bypass
Overview
FreeScout versions before 1.8.206 contain an authentication bypass: the TokenAuth middleware derives a static, predictable token as MD5(user_id + created_at + APP_KEY). Because every input other than APP_KEY is known or guessable, anyone holding APP_KEY can reproduce the token for any user and take over that account. Exploitation requires knowledge of APP_KEY.
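As an added illustration (not FreeScout's code, and not its fix), the deterministic derivation described above placed beside a hardened issuance scheme; `static_token` mirrors the stated formula on constructed inputs, and `TokenStore` is an assumed design showing the properties a replacement needs: unpredictability, hashed storage, constant-time lookup and per-token revocation.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional


def static_token(user_id: int, created_at: str, app_key: str) -> str:
    """The weak pattern (CWE-330) described above, reproduced for illustration.

    The output depends only on values that are public (user id, creation time)
    or shared by the whole install (APP_KEY). It never changes for the life of
    the account, so the only way to revoke it is to rotate APP_KEY for everyone.
    """
    return hashlib.md5(f"{user_id}{created_at}{app_key}".encode()).hexdigest()


class TokenStore:
    """Assumed hardened design: random, revocable tokens stored only as digests."""

    def __init__(self) -> None:
        self._digests: Dict[str, int] = {}  # sha256(token) -> user_id

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id: int) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._digests[self._digest(token)] = user_id
        return token  # shown to the user once; never persisted in clear

    def verify(self, token: str) -> Optional[int]:
        presented = self._digest(token)
        for stored, user_id in self._digests.items():
            if hmac.compare_digest(stored, presented):  # constant-time compare
                return user_id
        return None

    def revoke(self, token: str) -> bool:
        """Invalidate one token without touching APP_KEY or other users."""
        return self._digests.pop(self._digest(token), None) is not None


if __name__ == "__main__":
    # Constructed sample inputs, not real FreeScout data.
    a = static_token(7, "2026-02-26 00:00:00", "base64:constructed-app-key")
    b = static_token(7, "2026-02-26 00:00:00", "base64:constructed-app-key")
    print("static token identical on recomputation:", a == b)
    store = TokenStore()
    t = store.issue(7)
    print("random token verifies:", store.verify(t) == 7, "revoked:", store.revoke(t))
```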
Severity & Score
Impact
Attackers with APP_KEY can fully compromise any user account, including administrators, leading to complete account takeover.
Mitigation
Upgrade to version 1.8.206 or later.
References
Social Media Activity (2 posts)
CVE-2026-27637 (CRITICAL, 9.8): FreeScout <1.8.206 uses predictable tokens if APP_KEY is leaked, enabling total account takeover. Upgrade to 1.8.206+, rotate APP_KEY, and audit access controls now! https://radar.offseq.com/threat/cve-2026-27637-cwe-330-use-of-insufficiently-rando-8f97b2e6 #OffSeq #FreeScout #Vuln #AppSec

CVE-2026-27637 - Critical (9.8) FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.206, FreeScout's `TokenAuth` middleware uses a predictable authentication token computed as `MD5(user_id + created_at + APP_KEY)`. This token i... https://www.thehackerwire.com/vulnerability/CVE-2026-27637/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Related Resources
Details
- CVE ID: CVE-2026-27637
- Severity: Critical
- CVSS Score: 9.8
- Type: broken_authentication
- Status: confirmed
- EPSS: 9.0%
- Social Posts: 2
CWE
- CWE-330 (Use of Insufficiently Random Values)
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H