CVE-2026-1696

Low CVSS: 2.3

Some HTTP security headers are not properly set by the web server when sending responses to the client application.

Vendor

Product

CWE

Yayın Tarihi

2026-02-26 08:16:19

Güncelleme

2026-03-12 14:26:15

Source Identifier

87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932

KEV Date Added

CWE-79 Pcvue LOW Arcinformatique 2026

https://www.pcvue.com/security/#SB2026-2

Medium

CVE-2026-1695

An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of P…

Medium

CVE-2026-1697

The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in versio…

Medium

CVE-2026-1698

A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 throu…

Medium

CVE-2026-1692

A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebSc…

Medium

CVE-2026-1693

The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVu…

Low

CVE-2026-1694

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of t…