HIGHCVE-2026-0750Published 2026-01-28Modified 2026-01-28CNA drupal

CVE-2026-0750: Payment bypass in Commerce Paybox

Improper Verification of Cryptographic Signature vulnerability in Drupal Drupal Commerce Paybox Commerce Paybox on Drupal 7.X allows Authentication Bypass.This issue affects Drupal Commerce Paybox: from 7-x-1.0 through 7.X-1.5.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Drupal / Drupal Commerce Paybox
≤ 7.x-1.5

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

References

herodevs.com
d7es.tag1.com

Metrics