Missing Authentication Vulnerability in CafePlus by AKIN Software
CVE-2026-10711

8.8HIGH

Key Information:

Vendor: Akin Software Computer Import Export Industry And Trade Ltd.
Status: Cafeplus
Vendor: CVE Published:; 23 June 2026

🔔 Create Akin Software Computer Import Export Industry And Trade Ltd. Vulnerability Alert

What is CVE-2026-10711?

A significant security issue exists in AKIN Software's CafePlus, where missing authentication mechanisms permit unauthorized access to certain functionalities. This vulnerability arises from insufficient constraints on Access Control Lists (ACLs), potentially enabling malicious actors to exploit system operations that should be restricted. The affected versions, specifically CafePlus from 12.05.03 up to, but not including, 12.05.04 are at risk, necessitating immediate attention to secure user credentials and reinforce access controls.

Affected Version(s)

CafePlus 12.05.03 < 12.05.04

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2026
Vulnerability Reserved
Jun 2, 2026

Credit

Muhammed İbrahim TEKİN

CVE-2026-10711 Data

JSON