CVE-2025-26155_CVE-2025-26155

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability.

AI Analysis

Untrusted Search Path vulnerability in NCP Secure Enterprise Client and NCP Secure Entry Windows Client

Basic Information

ID CVE-2025-26155

Source mitre

Published Nov 26, 2025 at 00:00

Modified Dec 2, 2025 at 16:57

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-426

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor NCP

Product NCP Secure Enterprise Client, NCP Secure Entry Windows Client

Version 13.18, 13.19

References

{
    "lastseen": "",
    "description": "NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability.",
    "published": "2025-11-26T00:00:00.000Z",
    "modified": "2025-12-02T16:57:56.487Z",
    "type": "cve",
    "title": "CVE-2025-26155",
    "source": "mitre",
    "references": "https://pentest.axians.de/viewer.html?file=cve-2025-26155/CVE-axians-eng.pdf\nhttps://www.ncp-e.com/",
    "id": "CVE-2025-26155",
    "bulletinFamily": "",
    "cwe": [
        "CWE-426"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "Untrusted Search Path vulnerability in NCP Secure Enterprise Client and NCP Secure Entry Windows Client",
    "ai_severity": "Critical",
    "ai_vendor": "NCP",
    "ai_product": "NCP Secure Enterprise Client, NCP Secure Entry Windows Client",
    "ai_version": "13.18, 13.19",
    "ai_score": 9.8
}