High severity7.5NVD Advisory· Published Apr 17, 2026· Updated May 4, 2026

CVE-2026-32650

Description

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.

Affected products

Anviz/Crosschex Standard
cpe:2.3:a:anviz:crosschex_standard:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.jsonnvdThird Party Advisory
www.anviz.com/contact-us.htmlnvdProduct
www.cisa.gov/news-events/ics-advisories/icsa-26-106-03nvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000