
External risk intelligence

DevGuard could allow external attackers to gain full control of organizational resources.

DevGuard could allow external attackers to impersonate users by exploiting a weakness in its session authentication process. If an administrator account is targeted, attackers could gain full control over your organization's resources managed within the platform.

NVD published May 12, 2026

External risk brief: CRITICAL

CVE-2026-42300

Halo Surface Signal: 3/5

The vulnerability affects a web-based vulnerability management platform. Such systems are usually deployed as web applications or APIs, but unlike edge gateways or remote-access portals they are not designed to be public-facing. Internet reachability depends on the specific deployment; it is not a defining characteristic of normal operation.

Exposure facts

H – Horizon Alert

DevGuard's session authentication falls back to a client-supplied identifier when the request carries no session cookie. Because that identifier is never tied to a server-issued session, an unauthenticated party who learns or can otherwise identify a target's unique account code can act as that user without presenting any credential. Impersonating an administrator or owner yields full control over the organization's resources managed within the platform.

A – Asset Exposure

DevGuard is used to manage vulnerability data across the software supply chain. Anyone who can reach the DevGuard instance over the network could send a cookieless request with a manipulated identifier header and be treated as a legitimate user. If an administrator or owner account is targeted, this results in loss of control over administrative functions and gives the attacker unauthorized control over your organization's DevGuard resources. Since the flaw needs no credentials, network reachability of the instance is the only barrier; exposure is greatest where the platform is internet-facing or reachable from a broad internal network.
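To make the mechanism in the Horizon Alert and Asset Exposure sections concrete, here is an added example (not DevGuard's code; the page does not show the affected implementation) of a session resolver with the header fallback described above, beside a hardened version that only trusts server-issued sessions. The cookie name, the header name, the user ids and the in-memory session store are all assumptions for the illustration.

```python
"""Session resolution with a header fallback (flawed) versus a hardened
version. Added example; not DevGuard's code. Cookie name, header name,
user ids and the in-memory session store are assumptions for illustration.
"""
import secrets

SESSION_COOKIE = "session"     # assumed cookie name
USER_ID_HEADER = "X-User-Id"   # assumed header name

# Constructed user directory: user id -> role.
USERS = {
    "u-1001": {"role": "owner"},
    "u-2002": {"role": "member"},
}

# Server-side session store: token -> user id (constructed, in memory).
SESSION_STORE: dict = {}

# Header-only requests seen by the hardened resolver, kept for review.
SUSPICIOUS: list = []


def login(user_id: str) -> str:
    """Issue an unguessable, server-held session token for a known user."""
    if user_id not in USERS:
        raise KeyError(f"unknown user {user_id!r}")
    token = secrets.token_urlsafe(32)
    SESSION_STORE[token] = user_id
    return token


def resolve_user_vulnerable(cookies: dict, headers: dict):
    """Flawed pattern: with no session cookie, trust a client-supplied id.

    The fallback means knowledge of a user id alone is enough to be
    treated as that user; no credential is ever checked on this path.
    """
    token = cookies.get(SESSION_COOKIE)
    if token is not None:
        return SESSION_STORE.get(token)
    user_id = headers.get(USER_ID_HEADER)   # attacker-controlled value
    return user_id if user_id in USERS else None


def resolve_user_fixed(cookies: dict, headers: dict):
    """Hardened: identity comes only from a server-issued session.

    A request that carries the identifier header but no cookie is
    recorded for review and treated as anonymous.
    """
    token = cookies.get(SESSION_COOKIE)
    if token is None:
        if USER_ID_HEADER in headers:
            SUSPICIOUS.append(headers[USER_ID_HEADER])
        return None
    return SESSION_STORE.get(token)


def is_owner(user_id) -> bool:
    """True when the resolved identity has the owner role."""
    return user_id is not None and USERS.get(user_id, {}).get("role") == "owner"


def demo() -> dict:
    """Run the attacker's header-only request through both resolvers,
    then show that a legitimate owner session still works after the fix."""
    attacker_cookies, attacker_headers = {}, {USER_ID_HEADER: "u-1001"}
    vuln = resolve_user_vulnerable(attacker_cookies, attacker_headers)
    fixed = resolve_user_fixed(attacker_cookies, attacker_headers)
    token = login("u-1001")
    legit = resolve_user_fixed({SESSION_COOKIE: token}, {})
    return {
        "vulnerable_grants_owner": is_owner(vuln),
        "fixed_grants_owner": is_owner(fixed),
        "legit_session_still_works": is_owner(legit),
    }


if __name__ == "__main__":
    print(demo())
```

The hardened resolver keeps the header-only attempts in `SUSPICIOUS` rather than silently dropping them, so that probing for the old fallback remains visible after the fix.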

L – Live Threat

The available context does not indicate active exploitation or observed targeting of this vulnerability. No known signals suggest the issue is being leveraged by threat actors in the wild, so there are no live-threat indicators that would raise urgency beyond the severity rating itself. Because the flaw requires no credentials, this assessment deserves a second look for any instance that is reachable from the internet.

O – Operational Fix

Coordinate with your IT team to apply the available security update for the DevGuard platform. The update addresses the session authentication flaw that would otherwise allow unauthenticated access to administrative resources. Prioritize it across all deployments, starting with any instance reachable from untrusted networks. After patching, confirm that a request carrying only a user-identifier header and no session cookie is rejected rather than treated as that user, and review access logs for earlier cookieless requests that presented such a header.
