CVE-2026-1433
uniFLOW Universal Login Manager (ULM) Standalone
contains an information disclosure vulnerability that may allow an
authenticated administrator to access sensitive configuration information
through the ULM Remote User Interface (RUI). Exploitation requires
administrative privileges and may disclose configuration data associated with
SMTP or LDAP integrations. ULM deployments connected to uniFLOW Server or
uniFLOW Online are not affected.
⚡ Watch CVE-2026-1433
Get an email if CVE-2026-1433 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.22% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 12% of all EPSS-scored CVEs.
Advisory coverage (1)
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-1433)