Vulnerabilities

Report: Breaking: CVE-2026-23782 - BMC Control-M/MFT API Secret Disclosure Vulnerability

2026-04-10 0 views admin

CVE ID :CVE-2026-23782 Published : April 10, 2026, 3:16 p.m. | 19 minutes ago Description :An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. An API management endpoint allows unauthenticated users to obtain both an API identifier and its corresponding secret value. With these exposed secrets, an attacker could invoke privileged API operations, potentially leading to unauthorized access. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-23782

Published

April 10, 2026

🏷️ Tags

reportbreaking23782controlsecretdisclosurevulnerabilitypublishedcvecve-2026-23782

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Breaking: CVE-2026-23782 - BMC Control-M/MFT API Secret Disclosure Vulnerability

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: - WordPress Cerato theme <= 2.2.18 - reflected cross site scripting (xss) vulnerab... CVE-2025-58920

Report: CVE-2025-58913 - WordPress VideoPro theme <= 2.3.8.1 - local file inclusion vulnerability

Report: Update: CVE-2026-33092 - Acronis True Image OEM/MacOS Privilege Escalation

Report: CVE-2026-40217 - LiteLLM Arbitrary Code Execution Vulnerability

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting