CVE-2026-2328

High

Published: 30 March 2026

Published

30 March 2026

Modified

30 March 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score 0.0003 10.3th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-2328 is a high-severity Improper Filtering of Special Elements (CWE-790) vulnerability in Certvde (inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 10.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly addresses insufficient input validation by requiring checks on inputs to prevent path traversal exploitation as in CVE-2026-2328.

AC-3 Access Enforcement good match

prevent

Enforces access authorizations to block unauthorized access to backend components beyond intended scope despite path traversal attempts.

SC-7 Boundary Protection partial match

preventdetect

Monitors and controls communications at boundaries to inspect and block network-based path traversal payloads targeting this vulnerability.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

Why these techniques?

Path traversal in public-facing app enables remote unauthenticated info disclosure, directly mapping to exploitation of exposed services and local data access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

Deeper analysisAI

CVE-2026-2328 is a vulnerability caused by insufficient input validation, enabling path traversal attacks that allow access to backend components beyond their intended scope and resulting in the exposure of sensitive information. Published on 2026-03-30, it is associated with CWE-790 and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high severity primarily due to confidentiality impact.

An unauthenticated remote attacker can exploit this vulnerability over the network with low attack complexity and no user interaction required. Successful exploitation grants access to sensitive information without privileges, scope changes, or disruption to integrity or availability.

Mitigation details are available in the referenced advisory at https://certvde.com/de/advisories/VDE-2026-010.

Details

CWE(s): CWE-790

Affected Products

Certvde

—

inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2025-27260Shared CWE-790

CVE-2025-15576Shared CWE-790

References

https://certvde.com/de/advisories/VDE-2026-010
info@cert.vde.com