Vulnerabilities

CVE-2026-31282

by Fred · 13/04/2026

Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be manipulated to reveal the login form. An attacker can chain that with missing rate-limit on the login form to launch a brute force attack.

More information : https://github.com/saykino/CVE-2026-31282

Similar

Tags: Cybersecurity Alert