Overview
CVE ID: CVE-2026-8672
Severity: Medium
CVSS Score: 5.1
Affected Product(s): Avantra
Fixed Version(s): 25.3.x
Description
Use of default password vulnerability in Avantra on Linux, Windows allows Try Common or Default Usernames and Passwords. This issue affects Avantra: before 25.3.0
Impact
Vector: Local
Confidentiality: High
Integrity: Low
Availability: None
Exploitation Status: No known exploits in the wild
Solution & Mitigation
Primary Action: Upgrade to version 25.3.x
References
Contact & Credits
Reported by: Special thanks to Vicxer Inc. for identifying this vulnerability and working with us to strengthen our platform’s security.
Support: support@avantra.com
We, at Avantra, take the security of our software and our customers very seriously and it is our top priority. We will keep you up to date as more information becomes available and encourage customers to subscribe to the security section of our forum to get proactive updates as we post them.