CVE-2026-48488
phpMyFAQ is an open source FAQ web application
Published: 2026-06-08 · Last updated: 2026-06-09
Severity and scoring
- CWE
- CWE-328
Description
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 (SHAttered). Version 4.1.4 fixes the issue.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-11481 — A vulnerability was determined in yoanbernabeu grepai up to 0.35.0 (2.5 LOW)
- CVE-2026-11479 — A vulnerability has been found in yoanbernabeu grepai 0.35.0 (4.2 MEDIUM)
- CVE-2026-11330 — A weakness has been identified in thedotmack claude-mem up to 11.0.1 (3.6 LOW)
- CVE-2026-11329 — A vulnerability has been found in onnx onnx-mlir up to 0.5.0.0 (3.6 LOW)
- CVE-2026-36182 — GNCC GP5 v7.1.76 was discovered to utilize a weak hashing algorithm to protect the root password, possibly allowing attackers to obtain r... (9.8 CRITICAL)