Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-1658

Summary
Assigner-OpenText
Assigner Org ID-f81092c5-7f14-476d-80dc-24857f90be84
Published At-19 Feb, 2026 | 22:40
Updated At-19 Feb, 2026 | 22:40
Rejected At-
Credits

Content spoofing vulnerability discovered in OpenText™ Directory Services

User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning.  The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20.4.1 through 25.2.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:OpenText
Assigner Org ID:f81092c5-7f14-476d-80dc-24857f90be84
Published At:19 Feb, 2026 | 22:40
Updated At:19 Feb, 2026 | 22:40
Rejected At:
▼CVE Numbering Authority (CNA)
Content spoofing vulnerability discovered in OpenText™ Directory Services

User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning.  The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20.4.1 through 25.2.

Affected Products
Vendor
Open Text CorporationOpenText™
Product
Directory Services
Default Status
unaffected
Versions
Affected
  • From 20.4.1 through 25.2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-451CWE-451 User Interface (UI) Misrepresentation of Critical Information
Type: CWE
CWE ID: CWE-451
Description: CWE-451 User Interface (UI) Misrepresentation of Critical Information
Metrics
VersionBase scoreBase severityVector
4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:A/V:D/RE:L/U:Clear
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:A/V:D/RE:L/U:Clear
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-141CAPEC-141 Cache Poisoning
CAPEC ID: CAPEC-141
Description: CAPEC-141 Cache Poisoning
Solutions

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0858517

Configurations
Workarounds
Exploits
Credits
finder
Andrej Šimko of Accenture
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0858517
N/A
Hyperlink: https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0858517
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@opentext.com
Published At:19 Feb, 2026 | 23:16
Updated At:20 Feb, 2026 | 13:49

User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning.  The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20.4.1 through 25.2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:L/U:Clear
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:L/U:Clear
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-451Primarysecurity@opentext.com
CWE ID: CWE-451
Type: Primary
Source: security@opentext.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0858517security@opentext.com
N/A
Hyperlink: https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0858517
Source: security@opentext.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found
Details not found