CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-41879

unknowncovered by 1 sourcefirst seen 2026-07-10
R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file. This issue was fixed in version v3.17-2000.

⚡ Watch CVE-2026-41879

Get an email if CVE-2026-41879 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-41879

CVE.org record

Embed the live status

CVE-2026-41879 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-41879 status](https://www.csirts.com/badge/CVE-2026-41879)](https://www.csirts.com/cve/CVE-2026-41879)