Critical severity9.8NVD Advisory· Published Apr 7, 2026· Updated Apr 9, 2026
CVE-2026-31271
CVE-2026-31271
Description
megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert endpoint. This leads to complete system compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.