CVE-2026-1696— Missing security HTTP headers

EPSS 0.04% · P12 Updated Mar 26, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-1696

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Missing security HTTP headers

Source: NVD (National Vulnerability Database)

Vulnerability Description

Some HTTP security headers are not properly set by the web server when sending responses to the client application.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

PcVue 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PcVue是PcVue公司的一个可靠、安全、强大的运营软件平台，专用于监测和控制建筑和园区管理等市场中的应用。 PcVue存在安全漏洞，该漏洞源于Web服务器在向客户端应用程序发送响应时未正确设置某些HTTP安全标头。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
arcinfo	PcVue	16.0.0 ~ 16.3.3	-

II. Public POCs for CVE-2026-1696

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-1696

请登录查看更多情报信息。

Security Bulletins | PcVue PcVuevendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-1696

Same Patch Batch · arcinfo · 2026-02-26 · 7 CVEs total

CVE-2026-1698		HTTP Host header vulnerability in WebClient and WebScheduler web apps
CVE-2026-1693		Use of vulnerable Resource Owner Password Credentials flow
CVE-2026-1692		Missing origin validation in GraphicalData web service requests
CVE-2026-1695		XSS vulnerability upon unsuccessful authentication
CVE-2026-1697		Use of unsecure cookies for GraphicalData web service and WebClient web app
CVE-2026-1694		Server configuration details in HTTP headers

IV. Related Vulnerabilities

Same product: PcVue

Same vendor: arcinfo

Same weakness: CWE-79

V. Comments for CVE-2026-1696

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-1696— Missing security HTTP headers

I. Basic Information for CVE-2026-1696

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-1696

III. Intelligence Information for CVE-2026-1696

Same Patch Batch · arcinfo · 2026-02-26 · 7 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-1696

Leave a comment