Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Mar 26, 2026· Updated Mar 28, 2026

CVE-2026-30458

CVE-2026-30458

Description

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitting attack.

Affected products

2

Daylight Studio/FuelCMSdescription
Daylight Studio/FuelCMSllm-fuzzy
Range: =1.5.2

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

daylight.commitre
fuelcms.commitre
pentest-tools.com/PTT-2025-025-Account-Takeover-via-Email-Array.pdfmitre

News mentions

0

No linked articles in our index yet.