VYPR

FUXA SCADA/HMI

by Frangoteam

CVEs (1)

  • CVE-2026-13207higJun 30, 2026
    risk 0.49cvss 7.5epss

    FUXA versions 1.3.1 and prior contain an authentication bypass vulnerability via dot-segment path normalization in the REST API. The API router fails to normalize dot-segment sequences before applying authentication middleware, allowing unauthenticated requests to access…