PatchSiren cyber security CVE debrief

CVE-2026-4104 Akmer Informatics Automation Industry and Trade Ltd. Co. CVE debrief

CVE-2026-4104 is a critical vulnerability affecting TeknoPass, an Automation Industry and Trade Ltd. Co. product by Akmer Informatics. The issue, with a CVSS score of 9.8, allows for authorization bypass through a user-controlled SQL primary key, enabling SQL injection attacks. This vulnerability affects TeknoPass versions from 20210501 through 20260429. The CVE was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-4104) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2026-4104).

Vendor: Akmer Informatics Automation Industry and Trade Ltd. Co.
Product: TeknoPass
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-04
Original CVE updated: 2026-06-04
Advisory published: 2026-06-04
Advisory updated: 2026-06-04

Who should care

Security teams and administrators responsible for TeknoPass installations should prioritize patching this vulnerability to prevent potential SQL injection attacks.

Technical summary

The vulnerability is caused by a user-controlled SQL primary key, which allows attackers to inject malicious SQL code. This can lead to unauthorized access, data breaches, and other malicious activities.

Defensive priority

High

Recommended defensive actions

Apply patches or updates provided by the vendor to fix the vulnerability.
Implement additional security measures, such as input validation and sanitization, to prevent SQL injection attacks.
Monitor systems for suspicious activity and implement incident response plans.

Evidence notes

The CVE record [cve-org] and NVD detail [nvd] provide official information about the vulnerability. Additional information can be found in the source reference [ref-4].

Official resources

CVE-2026-4104 was published on 2026-06-04T12:16:26.417Z and last modified on 2026-06-04T15:20:18.097Z.