CVE Catalog

CVE-2026-4522

MediumCVSS 6.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1.

Risk Assessment

An attacker can intercept user credentials, leading to unauthorized access to systems and data.

Recommendation

It is recommended to immediately update HYPR Passwordless to version 11.1.1 or later.

Original NVD description (English source)

Missing authentication for critical function vulnerability in HYPR Passwordless on Windows allows Credentials Interception. This issue affects HYPR Passwordless: before 11.1.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS