External Sharing Feature Vulnerability in Cryptobox by Cryptobox
CVE-2026-6805

6.9MEDIUM

Key Information:

Vendor: Ercom
Status: Cryptobox
Vendor: CVE Published:; 7 May 2026

What is CVE-2026-6805?

A vulnerability exists in the external sharing feature of Cryptobox that permits unauthorized access to sensitive information when an attacker knows the sharing link URL. This flaw can potentially allow attackers to perform offline brute-force attacks to discover the access code associated with the link, posing serious risks to data confidentiality and integrity.

Affected Version(s)

Cryptobox 4.40.183

Cryptobox 4.37.248

References

https://info.cryptobox.com/doc/v4.40/4.40.en/

release-notes

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2026
Vulnerability Reserved
Apr 21, 2026

CVE-2026-6805 Data

JSON

Ercom

What is CVE-2026-6805?

Affected Version(s)

References

CVSS V4

Timeline