CVE-2025-26765

Summary

CVE-2025-26765 is a missing authorization vulnerability affecting the enituretechnology Distance Based Shipping Calculator. The issue stems from incorrectly configured access control security levels, enabling unauthorized access and potential exploitation. This vulnerability exists in versions 2.0.22 and prior of the Distance Based Shipping Calculator software. An attacker can take advantage of this flaw to gain unauthorized access and potentially compromise sensitive data or systems. Organizations using the enituretechnology Distance Based Shipping Calculator are urged to update to the latest version or implement additional security measures to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.