CVE-2026-1019
BaseFortify
Publication date: 2026-01-16
Last updated on: 2026-01-16
Assigner: TWCERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gotac | police_statistics_database_system | to 1.0.3 (exc) |
| gotac | police_statistics_database_system | From 1.0.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1019 is a Missing Authentication vulnerability in the Police Statistics Database System developed by Gotac. It allows unauthenticated remote attackers to read, modify, and delete the contents of the database by exploiting a specific functionality within the system. This means attackers can fully compromise the database without needing to log in or authenticate. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to a full compromise of the Police Statistics Database System's data. Attackers can remotely access the database without authentication and read sensitive information, alter data integrity by modifying records, or disrupt availability by deleting database contents. This can result in loss of critical data, unauthorized data exposure, and operational disruption. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Police Statistics Database System to version 1.0.3 or later. [1, 2]