CVE-2026-39910 | STACKIT IaaS API prior 2026-05-28 Instance Metadata Service authorization

A vulnerability classified as critical was found in STACKIT IaaS API. This affects an unknown function of the component Instance Metadata Service. Such manipulation leads to missing authorization.

This vulnerability is listed as CVE-2026-39910. The attack may be performed from remote. There is no available exploit.

This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves. Upgrading the affected component is advised.VulDB Recent EntriesRead More