CVE-2025-26312 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 16%

Common Weakness Enumeration

CWE-472 - External Control of Assumed-Immutable Web Parameter
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

References

https://medium.com/@retro.metro/cve-2025-26312-captcha-bypass-vulnerability-in-sendquick-entera-devices-68708e203216

https://www.sendquick.com/products/sendquick-entera/