A Stored Cross-Site Scripting (XSS) vulnerability occurs in Vinna Process Monitor
CVE-2026-41031

9.3CRITICAL

Key Information:

Vendor: Skilja Gmbh
Status: Vinna Process Monitor
Vendor: CVE Published:; 9 June 2026

🔔 Create Skilja Gmbh Vulnerability Alert

What is CVE-2026-41031?

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials.

Affected Version(s)

Vinna Process Monitor 3.1.2 < 4.0.6

References

https://partner.skilja.com/uncategorized/security-advisor...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2026
Vulnerability Reserved
Apr 16, 2026

Credit

Michał Bartoszuk and Maciej Włodarczyk @STM Cyber

CVE-2026-41031 Data

JSON