CVE-2026-32650 HIGH

CVE-2026-32650: Anviz CrossChex Standard Algorithm Downgrade

Vendor Anviz
Product Anviz CrossChex Standard
Weakness CWE-757
Published April 17, 2026
Last update April 17, 2026

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.

Key dates

02Disclosure timeline

April 17, 2026 CVE published
April 17, 2026 Record updated