PatchSiren cyber security CVE debrief
CVE-2026-39169 SEMCMS CVE debrief
CVE-2026-39169 is a HIGH-severity vulnerability (CVSS Score: 7.5) affecting SEMCMS 5.0. The vulnerability allows for unauthorized access in SEMCMS_copy.php. The CVE was published on [cvePublishedAt]2026-06-09T19:17:48.183Z[/cvePublishedAt] and modified on [cveModifiedAt]2026-06-09T21:17:11.650Z[/cveModifiedAt].
- Vendor
- SEMCMS
- Product
- SEMCMS 5.0
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-09
Who should care
Users of SEMCMS 5.0 should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is caused by a lack of proper access control in SEMCMS_copy.php, allowing unauthorized access to sensitive data. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Restrict access to SEMCMS_copy.php to authorized users only.
- Monitor the system for suspicious activity.
Evidence notes
The CVE record can be found at [resourceLinkAnnotations id='cve-org']CVE.org[/resourceLinkAnnotations]. The NVD detail page is available at [resourceLinkAnnotations id='nvd']NVD[/resourceLinkAnnotations]. A source reference can be found at [resourceLinkAnnotations id='ref-4']gist.github.com[/resourceLinkAnnotations].
Official resources
-
CVE-2026-39169 CVE record
CVE.org
-
CVE-2026-39169 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
This debrief is based on data from [sourceItem]Source item URL[/sourceItem].