Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Meona Server Component

Source -

CNA

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2026-25602
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-4.4||MEDIUM
EPSS-Not Assigned
Published-20 May, 2026 | 10:54
Updated-20 May, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Action-Not Available
Vendor-Mesalvo
Product-Meona Server ComponentMeona Client Launcher Component
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2026-0857
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-6||MEDIUM
EPSS-Not Assigned
Published-20 May, 2026 | 10:50
Updated-20 May, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Action-Not Available
Vendor-Mesalvo
Product-Meona Server ComponentMeona Client Launcher Component
CWE ID-CWE-316
Cleartext Storage of Sensitive Information in Memory
CVE-2026-22315
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-7.2||HIGH
EPSS-Not Assigned
Published-20 May, 2026 | 10:46
Updated-20 May, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export  of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Action-Not Available
Vendor-Mesalvo
Product-Meona Server ComponentMeona Client Launcher Component
CWE ID-CWE-266
Incorrect Privilege Assignment
CVE-2026-0856
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-7.8||HIGH
EPSS-Not Assigned
Published-20 May, 2026 | 10:38
Updated-20 May, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Action-Not Available
Vendor-Mesalvo
Product-Meona Server ComponentMeona Client Launcher Component
CWE ID-CWE-284
Improper Access Control
CVE-2026-22314
Assigner-EU Agency for Cybersecurity (ENISA)
ShareView Details
Assigner-EU Agency for Cybersecurity (ENISA)
CVSS Score-9||CRITICAL
EPSS-Not Assigned
Published-20 May, 2026 | 10:29
Updated-20 May, 2026 | 14:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

Action-Not Available
Vendor-Mesalvo
Product-Meona Server ComponentMeona Client Launcher Component
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')