cvedb.io
CVE-2026-41031
HIGH · CVSS 8.7
EPSS exploitation probability: 0%
Published 2026-06-09T10:16:43.850 · Last modified 2026-06-17T10:46:03.973

Summary

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 (Build 63255) allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and session credentials.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.