VYPR
Medium severity5.3NVD Advisory· Published May 20, 2026· Updated Jun 16, 2026

CVE-2026-4293

CVE-2026-4293

Description

The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the attacker to control the browser.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

1