Unrated severityNVD Advisory· Published Feb 26, 2026· Updated Mar 3, 2026

go2ismail Asp.Net-Core-Inventory-Order-Management-System Security API improper authorization

CVE-2026-3263

Description

A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

go2ismail/Asp.Net-Core-Inventory-Order-Management-Systemv5
Range: 9.20250118

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vuldb.commitrethird-party-advisory
github.com/Ghufran2/CVE-Asp.Net-Core-Inventory-Order-Management-System-Advisories/blob/main/Asp.Net-Core-Inventory-Order-Management-System%20IDOR%20to%20Full%20System%20Compromise.mdmitrerelated
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000