CVE-2026-7402 PUBLISHED

Improper Rate Limiting in MeWare Software's PDKS

Assigner: TR-CERT
Reserved: 29.04.2026 Published: 30.04.2026 Updated: 30.04.2026

Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding.

This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVSS Score: 8.1

Product Status

Vendor MeWare Software Development Inc.
Product PDKS
Versions Default: unaffected
  • affected from V16.20200313 to VMYR_3.5.2025117 (excl.)

Credits

  • Berat AKŞİT finder

References

Problem Types

  • CWE-799 Improper Control of Interaction Frequency CWE

Impacts

  • CAPEC-125 Flooding