Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

keystorage

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

5
Related CVEsRelated ProductsRelated AssignersReports
5Vulnerabilities found
CVE-2026-26721
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.12%
||
7 Day CHG-0.01%
Published-20 Feb, 2026 | 00:00
Updated-26 Feb, 2026 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter.

Action-Not Available
Vendor-keystoragen/a
Product-global_facilities_management_softwaren/a
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2026-26722
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.4||CRITICAL
EPSS-0.14% / 34.08%
||
7 Day CHG+0.09%
Published-20 Feb, 2026 | 00:00
Updated-26 Feb, 2026 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN component of the login functionality.

Action-Not Available
Vendor-keystoragen/a
Product-global_facilities_management_softwaren/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-26723
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.42%
||
7 Day CHG~0.00%
Published-20 Feb, 2026 | 00:00
Updated-26 Feb, 2026 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

Action-Not Available
Vendor-keystoragen/a
Product-global_facilities_management_softwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-26724
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.6||HIGH
EPSS-0.06% / 19.22%
||
7 Day CHG~0.00%
Published-20 Feb, 2026 | 00:00
Updated-26 Feb, 2026 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.

Action-Not Available
Vendor-keystoragen/a
Product-global_facilities_management_softwaren/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-45766
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.75% / 72.77%
||
7 Day CHG-0.51%
Published-10 Feb, 2023 | 00:00
Updated-24 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.

Action-Not Available
Vendor-keystoragen/a
Product-global_facilities_management_softwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-798
Use of Hard-coded Credentials