| TVN ID | TVN-202606007 |
|---|---|
| CVE ID | CVE-2026-14161, CVE-2026-14162 |
| CVSS | 【CVE-2026-14161】 7.5 (High) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 【CVE-2026-14162】 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Hospital Queuing Management(HQM) ISO before version 1.2.13 |
| Description | 【CVE-2026-14161(Sensitive Data Exposure)】 Unauthenticated remote attackers can access a specific URL to obtain API documentation. 【CVE-2026-14162(Missing Authentication)】 Unauthenticated remote attackers can leverage APIs to obtain sensitive information or create website administrator accounts. |
| Solution | Update HQM ISO to version 1.2.13 or later, or update QueueHttp.dll to version 1.2.12.7 or later. |
| Public Date | 2026-06-30 |
:::