PatchSiren cyber security CVE debrief
CVE-2026-7402 MeWare Software Development Inc. CVE debrief
CVE-2026-7402 is an Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS, allowing Flooding. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117. The vulnerability has a CVSS score of 8.1 and is classified as HIGH severity.
- Vendor
- MeWare Software Development Inc.
- Product
- PDKS
- CVSS
- HIGH 8.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-30
- Original CVE updated
- 2026-06-06
- Advisory published
- 2026-04-30
- Advisory updated
- 2026-06-06
Who should care
Administrators and users of MeWare Software Development Inc. PDKS, particularly those using versions from V16.20200313 before VMYR_3.5.2025117, should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is caused by improper control of interaction frequency in MeWare Software Development Inc. PDKS, which allows for Flooding. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.
Defensive priority
HIGH
Recommended defensive actions
- Update PDKS to version VMYR_3.5.2025117 or later.
- Implement measures to prevent Flooding attacks.
Evidence notes
The CVE record for CVE-2026-7402 can be found at [cve-org]. The NVD detail for this vulnerability is available at [nvd]. Additional information can be found at [ref-4] and [ref-5].
Official resources
CVE-2026-7402 was published on 2026-04-30T13:16:06.597Z and modified on 2026-06-06T08:16:54.607Z.