Missing Authentication in RafyMrX TOKO-ONLINE-ROTI
CVE-2026-15491

6.9MEDIUM

Key Information:

Vendor

Rafymrx

Vendor
CVE Published:
12 July 2026

What is CVE-2026-15491?

A vulnerability exists in RafyMrX's TOKO-ONLINE-ROTI that allows for missing authentication, enabling unauthorized access. This flaw can be exploited remotely, posing significant security risks as it permits manipulation without proper credential verification. The product adopts a rolling release strategy, which complicates the identification of specific affected versions or updates. The vendor has been notified of this issue but has remained unresponsive to concerns raised about its implications.

Affected Version(s)

TOKO-ONLINE-ROTI ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dest1ny_1 (VulDB User)
VulDB CNA Team
.