CVE Catalog
CVE-2026-57323
MediumCVSS 5.8Exploitation Probability (EPSS)
Low risk0.23%
13th percentile — higher than 13% of all known CVEs
Summary
The Flash & HTML5 Video plugin version 2.11.0 and earlier contains an unauthenticated broken access control vulnerability. An attacker can gain unauthorized access to functions or data without required authentication.
Risk Assessment
The risk involves potential unauthorized access to sensitive data or plugin functions, which may lead to confidentiality and integrity breaches.
Recommendation
It is recommended to immediately update the Flash & HTML5 Video plugin to the latest available version that fixes this vulnerability. Also review access control configuration in the system.
Original NVD description (English source)
Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions.

