Cyber Resilience

CVE-2026-2414

Medium

Published: 25 March 2026

Published
25 March 2026
Modified
01 April 2026
KEV Added
Patch
CVSS Score v4 5.6 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0029 20.6th percentile
Risk Priority 35 floored blend · peak EPSS

Summary

CVE-2026-2414 is a medium-severity Authorization Bypass Through User-Controlled Key (CWE-639) vulnerability in Hypr Hypr. Its CVSS base score is 5.6 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 20.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-2414 is an authorization bypass vulnerability caused by a user-controlled key in the HYPR Server, enabling privilege escalation. The issue affects HYPR Server versions from 9.5.2 up to but not including 10.7.2.

With a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), the vulnerability is exploitable remotely over the network by unauthenticated attackers with low complexity and no user interaction required. Successful exploitation allows attackers to achieve high-impact disruption to confidentiality, integrity, and availability through privilege escalation.

Mitigation details are available in the vendor's security advisory at https://www.hypr.com/trust-center/security-advisories. The vulnerability is addressed in HYPR Server version 10.7.2 and later.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Authorization bypass through User-Controlled key vulnerability in HYPR Server allows Privilege Escalation.This issue affects Server: from 9.5.2 before 10.7.2.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Authorization bypass on public-facing HYPR Server directly enables remote unauthenticated exploitation (T1190) leading to privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-14996Shared CWE-639
CVE-2020-37094Shared CWE-639
CVE-2025-67165Shared CWE-639
CVE-2025-5947Shared CWE-639
CVE-2025-15018Shared CWE-639
CVE-2026-7399Shared CWE-639
CVE-2024-10497Shared CWE-639
CVE-2026-25147Shared CWE-639
CVE-2026-1619Shared CWE-639
CVE-2025-69274Shared CWE-639

Affected Assets

hypr
hypr
9.5.2 — 10.7.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces approved authorizations for access to system resources, directly preventing authorization bypass via user-controlled keys that enable privilege escalation.

prevent

Validates the correctness of user-controlled inputs like keys, blocking manipulation that leads to authorization bypass and privilege escalation.

prevent

Limits user and process privileges to the minimum necessary, reducing the potential impact and scope of privilege escalation even if a bypass occurs.

References