Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

flexcity

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2026-1619
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.3||HIGH
EPSS-0.04% / 12.78%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 13:20
Updated-02 Mar, 2026 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IDOR in Universal Sotware's FlexCity/Kiosk

Authorization Bypass Through User-Controlled Key vulnerability in Universal Software Inc. FlexCity/Kiosk allows Exploitation of Trusted Identifiers.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.

Action-Not Available
Vendor-uni-yazUniversal Software Inc.
Product-flexcityFlexCity/Kiosk
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2026-1618
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.8||HIGH
EPSS-0.06% / 17.29%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 13:14
Updated-02 Mar, 2026 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Admin Account Takeover in Universal Sotware's FlexCity/Kiosk

Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc. FlexCity/Kiosk allows Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.

Action-Not Available
Vendor-uni-yazUniversal Software Inc.
Product-flexcityFlexCity/Kiosk
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2025-14349
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
ShareView Details
Assigner-TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)
CVSS Score-8.8||HIGH
EPSS-0.05% / 15.65%
||
7 Day CHG~0.00%
Published-13 Feb, 2026 | 13:09
Updated-02 Mar, 2026 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Business Logic Error in Universal Software's FlexCity/Kiosk

Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation.This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36.

Action-Not Available
Vendor-uni-yazUniversal Software Inc.
Product-flexcityFlexCity/Kiosk
CWE ID-CWE-267
Privilege Defined With Unsafe Actions
CWE ID-CWE-306
Missing Authentication for Critical Function