Severity:
CRITICAL RISK
(9.4)
Missing Authentication for Critical Functions (CWE-306) in Carlson VASCO-B GNSS Receiver
CVE-2026-3893
Published:
Apr 28, 2026
Status:
Awaiting Analysis
Summary
Affected Context
Exploit Preconditions
Why This Happens
Potential Impact
General Mitigation Guidance
How Teams Detect Issues Like This
Frequently Asked Questions
Source
NDV
Recent Vulnerabilities
CWE-284;CWE-434
(7.3)
Unrestricted File Upload (CWE-434) via Engine Handler exec in MindsDB BYOM Integration
Remote Code Execution and Arbitrary File Upload
May 3, 2026
CWE-287
(7.3)
Improper Authentication (CWE-287) in JwtAuthenticationTokenFilter of yudao-cloud Ruoyi-Vue-Pro
Authentication Bypass / Unauthorized Access
May 3, 2026
