Plaintext Storage Vulnerability in OpenConcerto by ILM Informatique
CVE-2026-6500

4.8MEDIUM

Key Information:

Vendor: Ilm Informatique
Status: Openconcerto
Vendor: CVE Published:; 4 May 2026

🔔 Create Ilm Informatique Vulnerability Alert

What is CVE-2026-6500?

The OpenConcerto product developed by ILM Informatique is susceptible to a vulnerability where passwords are stored in plaintext. This security flaw allows for the potential retrieval of sensitive embedded data, posing a substantial risk for data integrity and confidentiality. Users of OpenConcerto version 1.7.5 should assess their security posture and take necessary precautions to mitigate potential exploitation of this vulnerability.

Affected Version(s)

OpenConcerto 1.7.5

References

https://www.openconcerto.org/fr/version-1.7.html

product

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 4, 2026
Vulnerability Reserved
Apr 17, 2026

Credit

Dominique Righetto

CVE-2026-6500 Data

JSON