Vulnerabilities ›

CVE-2026-7382

Medium

CWE-200 — Weakness Type

                    Published: Apr 30, 2026                      ·  Modified: May 3, 2026                      ·  Source: NVD                

CVSS v3

6.5

🔗 NVD Official

📄 Description (English)

Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor vulnerability in MeWare Software Development Inc. PDKS allows Excavation.

This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.

🤖 AI Executive Summary

CVE-2026-7382 is a sensitive information exposure vulnerability in MeWare PDKS software that allows unauthorized actors to access private personal information through excavation techniques. The vulnerability affects PDKS versions from V16.20200313 through VMYR_3.5.2025117 and requires immediate patching.

📄 Description (Arabic)

ثغرة تسريب المعلومات الحساسة في برنامج MeWare PDKS تسمح للجهات غير المصرحة بالوصول إلى المعلومات الشخصية الخاصة. تؤثر الثغرة على الإصدارات من V16.20200313 إلى VMYR_3.5.2025117. يتطلب الإصلاح ترقية فورية للبرنامج والتحقق من سجلات الوصول.

🤖 ملخص تنفيذي (AI)

This vulnerability in MeWare PDKS exposes private personal information to unauthorized actors, potentially compromising customer and employee data. Organizations using affected PDKS versions must upgrade to patched releases immediately to prevent data breaches.

🤖 AI Intelligence Analysis Analyzed: May 11, 2026 02:01

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

banking telecom government healthcare

🎯 MITRE ATT&CK Techniques

T1020 T1041 T1005 T1213

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Upgrade MeWare PDKS to version VMYR_3.5.2025117 or later immediately. Implement network segmentation to restrict access to PDKS systems. Conduct security audit of data access logs to identify potential unauthorized access. Enable enhanced monitoring and logging on PDKS instances.

🔧 خطوات المعالجة (العربية)

قم بترقية برنامج MeWare PDKS إلى الإصدار VMYR_3.5.2025117 أو أحدث فوراً. طبق تقسيم الشبكة لتقييد الوصول إلى أنظمة PDKS. أجرِ تدقيق أمني لسجلات الوصول إلى البيانات للتحقق من الوصول غير المصرح. فعّل المراقبة والتسجيل المحسّن على مثيلات PDKS.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.7.1.1 A.7.1.2 A.8.1.1 A.12.4.1

🔵 SAMA CSF

ID.RA-2 PR.AC-1 PR.DS-1 DE.CM-1

🟡 ISO 27001:2022

A.5.1.1 A.6.1.1 A.7.1.1 A.8.2.1 A.12.4.1

🔗 References & Sources 1

🔗

https://www.usom.gov.tr/bildirim/tr-26-0141

iletisim@usom.gov.tr

📊 CVSS Score

6.5

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score6.5

CWECWE-200

EPSS0.01%

Exploit No

Patch ✗ No

Published 2026-04-30

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-200

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-7382

Introduce Yourself

Sign In Required