CVE-2026-44668— Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates
Possible ATT&CK Techniques 3AI
T1499 · Endpoint Denial of Service T1078 · Valid Accounts T1136 · Create AccountAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| factionsecurity | faction | < 1.8.3 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44668
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Faction: Unauthenticated Read, Modify, and Delete of Boilerplate Templates
Source: NVD (National Vulnerability Database)
Vulnerability Description
FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 actions, unconditionally calls invocation.invoke() without checking for a valid session. Four action methods in BoilerPlateConfig perform no local session check either, allowing an unauthenticated attacker to read, overwrite, deactivate, and permanently delete any boilerplate template in the system. This vulnerability is fixed in 1.8.3.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
关键功能的认证机制缺失
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| factionsecurity | faction | < 1.8.3 | - |
II. Public POCs for CVE-2026-44668
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
Qwen3.6-35B-A3B · 9097 chars
Paid plan includes:
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month
III. Intelligence Information for CVE-2026-44668
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-44668 (1)
Other References for CVE-2026-44668 (1)
Same Patch Batch · factionsecurity · 2026-05-26 · 3 CVEs total
| CVE-2026-44669 | 8.7 HIGH | Faction: Stored XSS in Assessment Attachment Filename Preview Rendering |
| CVE-2026-44667 | 8.7 HIGH | Faction: Stored XSS in Remediation Verification Attachment Filename Preview Rendering |
IV. Related Vulnerabilities
Same product: faction
Same vendor: factionsecurity
Same weakness: CWE-306
- CVE-2026-44895
GitLab MCP Server: SSE transport has no authentication and w - CVE-2026-47672
epa4all-client: Unauthenticated REST API for Patient Record - CVE-2026-44775
Kavita: No authentication at /api/Reader/image - CVE-2026-9371
ItzCrazyKns Vane API route.ts missing authentication - CVE-2026-9152
Unauthenticated SOAP Endpoint in Altium 365 SearchService Al
V. Comments for CVE-2026-44668
No comments yet