CyberRota
← Ana sayfaya dön

CVE-2026-10285

MEDIUM · CVSS 5.4 EPSS %0.23 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-01T21:16:25.310 · Çekilme zamanı: 2026-06-30T12:06:41.682344+00:00

CyberRota Yorumu

Uzaktan istismar edilebilir olabilir.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-10285
Severity
MEDIUM
CVSS
5.4
EPSS
%0.23

Orijinal NVD Açıklaması

A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The project was informed of the problem early through an issue report but has not responded yet.