CVE-2026-36035
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/07/2026
Last modified:
14/07/2026
Description
Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver.



