CRITICAL SeverityCVSS 4.09.1CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber

CVE-2026-30805

Last updated May 12, 2026 · Published May 12, 2026

← Back to list

Description

Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800

Affected products

1 listed

Pandora FMS:Pandora FMS

Mappings

CWE

CWE-1188

CAPEC

CAPEC-115CAPEC-59

Research

AuthenticationA threat-focused guide to authentication, covering attack paths, design pitfalls, and concrete defenses from…

Guides

JWT Security Best PracticesWhat to validate, rotate, and avoid in real systems.
OAuth 2.0 Security Best PracticesCommon pitfalls in PKCE, tokens, and redirect handling.

Training

Secure Defaults in Modern FrameworksHow Rails, Next.js, Django, and Spring protect you - and where they don't.
Authentication PatternsOAuth 2.1, passkeys, WebAuthn, and JWTs - modern identity for modern apps.

CVE-2026-30805

Description

Affected products

Mappings

Related