CVE-2026-40434
HIGHDescription
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic.
Is your site exposed to CVE-2026-40434?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| anviz | crosschex_standard |
References
Frequently Asked Questions
What is CVE-2026-40434? +
How severe is CVE-2026-40434? +
What products are affected by CVE-2026-40434? +
How do I check if I'm vulnerable to CVE-2026-40434? +
Related Vulnerabilities
Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the …
Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and …
An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote attacker to execute arbitrary code via the …
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to …
Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) improperly verifies the origin of incoming requests, allowing an …
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation …