Cyber Posture

CVE-2026-6886

Critical

Published: 23 April 2026

Modified: 24 April 2026
KEV Added: (not listed)
Patch: (not listed)
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0019 (40.5th percentile)
Risk Priority: 20 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

Borg SPM 2007 (sales ended in 2008), developed by BorG Technology Corporation, has an Authentication Bypass vulnerability that allows unauthenticated remote attackers to log into the system as any user.

Mitigating Controls (NIST 800-53 r5)

prevent

Directly remediates the authentication bypass flaw in Borg SPM 2007, preventing unauthenticated remote attackers from logging in as any user.

prevent

Ensures organizational users are identified and authenticated, countering the vulnerability that allows impersonation without credentials.

prevent

Enforces approved access authorizations, blocking unauthorized logical access enabled by the authentication bypass.

Security Summary

CVE-2026-6886 is an authentication bypass vulnerability in Borg SPM 2007, a software product developed by BorG Technology Corporation with sales ending in 2008. The flaw, linked to CWE-1390, enables unauthenticated remote attackers to log into the system as any user. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting its critical severity due to network accessibility, low attack complexity, and lack of prerequisites.

Unauthenticated remote attackers can exploit this vulnerability over the network without privileges or user interaction. Successful exploitation allows attackers to impersonate any user account, potentially compromising full system control and leading to high impacts on confidentiality, integrity, and availability.

Advisories from TWCERT/CC detail the vulnerability at https://www.twcert.org.tw/en/cp-139-10863-2f48e-2.html and https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html, which security practitioners should consult for mitigation guidance. The vulnerability was published on 2026-04-23T10:16:18.390.

Details

CWE(s)

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1068 Exploitation for Privilege Escalation (Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

CVE-2026-6886 is a critical authentication bypass in a network-accessible service (AV:N/PR:N), directly enabling T1190 (Exploit Public-Facing Application) for initial access. Exploitation impersonates any user, facilitating T1068 (Exploitation for Privilege Escalation) to gain full system control.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References