CVE Catalog
CVE-2026-10763
HighCVSS 7.0Exploitation Probability (EPSS)
Low risk0.35%
27th percentile — higher than 27% of all known CVEs
Summary
The vulnerability in PROMOD V is due to the use of insecure HTTP instead of HTTPS. The issue originates from the Digipede server lacking HTTPS support.
Risk Assessment
The risk involves potential interception and modification of data transmitted between components, which could lead to sensitive information leakage or man-in-the-middle attacks.
Recommendation
Enforce HTTPS by configuring the Digipede server or implement additional security measures such as a VPN tunnel to protect the communication.
Original NVD description (English source)
PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server.

