PatchSiren cyber security CVE debrief
CVE-2026-49764 Metagauss CVE debrief
CVE-2026-49764 is a critical vulnerability with a CVSS score of 9.8. It affects RegistrationMagic plugin versions <= 6.0.8.6 and allows unauthenticated broken authentication. The vulnerability was published on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- Metagauss
- Product
- RegistrationMagic
- CVSS
- CRITICAL 9.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of RegistrationMagic plugin versions <= 6.0.8.6 should apply patches immediately to prevent exploitation.
Technical summary
The vulnerability is caused by unauthenticated broken authentication in RegistrationMagic plugin versions <= 6.0.8.6. This allows attackers to bypass authentication mechanisms.
Defensive priority
high
Recommended defensive actions
- Apply patches for RegistrationMagic plugin versions <= 6.0.8.6.
- Review and update authentication mechanisms for RegistrationMagic plugin.
Evidence notes
Evidence from Patchstack indicates a vulnerability in RegistrationMagic plugin.
Official resources
-
CVE-2026-49764 CVE record
CVE.org
-
CVE-2026-49764 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-49764 was published on 2026-06-15T21:17:21.470Z and last modified on 2026-06-15T21:24:32.790Z.