Improper Access Control in sambitraj STUDENT-MANAGEMENT-SYSTEM Dashboard Component
CVE-2026-9562

6.9MEDIUM

Key Information:

Vendor: Sambitraj
Status: Student-management-system
Vendor: CVE Published:; 26 May 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-9562?

A vulnerability exists in the dashboard component of the sambitraj STUDENT-MANAGEMENT-SYSTEM, where improper access controls can be exploited remotely. This flaw allows unauthorized users to manipulate system functions, posing a significant security risk. The product is maintained on a rolling release basis, resulting in a lack of version information for affected and updated releases. Multiple endpoints are impacted, and despite early notification of the problem via an issue report, the project has yet to address the vulnerability publicly.

Affected Version(s)

STUDENT-MANAGEMENT-SYSTEM 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-9562 - Proof of Concept

References

https://vuldb.com/vuln/365625

vdb-entry

https://vuldb.com/vuln/365625/cti

signaturepermissions-required

https://vuldb.com/submit/815536

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 26, 2026
👾
Exploit known to exist
May 26, 2026
Vulnerability published
May 26, 2026
Vulnerability Reserved
May 26, 2026

Credit

Harry_You (VulDB User)

VulDB CNA Team

CVE-2026-9562 Data

JSON

Sambitraj