CVE-2026-12058 | The connection confirmation pop-up of a specific feature in … | CVSS 5.3 MEDIUM

Description

The connection confirmation pop-up of a specific feature in the PcSuite can be bypassed.

CVE ID: CVE-2026-12058
State: PUBLISHED
Assigner: Vivo
Reserved: 2026-06-12 03:02 UTC
Published: 2026-06-12 08:02 UTC
Last updated: 2026-06-12 13:47 UTC
Primary CWE: CWE-807
CWE-807 Reliance on untrusted inputs in a security decision
Vendor / Product: vivo / PcSuite
Sources: cve.org · NVD

5.3 MEDIUM CVSS 4.0

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

SSVC — CISA Coordinator

Affected products (1)

Vendor	Product	Platform	Versions
vivo	PcSuite	—	Versions below 6.2.0

Weakness (CWE)

CWE	Source	Description
CWE-807	cna	CWE-807 Reliance on untrusted inputs in a security decision

CVSS scores (1)

Score	Severity	Version	Source	Vector
5.3	MEDIUM	4.0	cna	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

References (1)