CVE Catalog
CVE-2026-27433
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.25%
17th percentile — higher than 17% of all known CVEs
Summary
The Motors plugin versions up to 5.6.80 contain an unauthenticated broken access control vulnerability. An attacker without authentication can bypass security measures and gain unauthorized access to functions or data.
Risk Assessment
The risk involves unauthorized access to sensitive functions or data without requiring login, potentially leading to confidentiality and integrity breaches.
Recommendation
Immediately update the Motors plugin to version 5.6.81 or later, which fixes this vulnerability. Also review the access control configuration in the system.
Original NVD description (English source)
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.

