Critical severity9.8NVD Advisory· Published Mar 17, 2026· Updated Jun 5, 2026
CVE-2026-4312
CVE-2026-4312
Description
GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly access certain APIs to create a new administrative account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:dragonsoft:gcb\/fcb_government_financial_cybersecurity_configuration_audit_software:-:*:*:*:*:*:*:*
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
2- www.twcert.org.tw/en/cp-139-10785-2cafe-2.htmlnvdThird Party Advisory
- www.twcert.org.tw/tw/cp-132-10784-4f67d-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.