CVE-2026-32650
HIGHAnviz CrossChex Standard Algorithm Downgrade
Title source: cnaDescription
Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.
Scores
CVSS v3
7.5
EPSS
0.0003
EPSS Percentile
8.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-757
Status
published
Products (1)
Anviz/Anviz CrossChex Standard
All versions
Published
Apr 17, 2026
Tracked Since
Apr 18, 2026