CVE-2026-26235 HIGH

CVE-2026-26235: JUNG Smart Visu Server 1.1.1050 - 'JUNG Smart Visu Server' Missing Authentication

Vendor Albrecht Jung Gmbh & Co. Kg
Product JUNG Smart Visu Server
Weakness CWE-306 · Missing auth
Published February 12, 2026
Last update March 5, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

JUNG Smart Visu Server 1.1.1050 contains a denial of service vulnerability that allows unauthenticated attackers to remotely shutdown or reboot the server. Attackers can send a single POST request to trigger the server reboot without requiring any authentication.

Key dates

02Disclosure timeline

February 12, 2026 CVE published
March 5, 2026 Record updated