cbcvebase.
CVE-2026-11374
published 2026-06-23

CVE-2026-11374: In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session could be…

Priority: P3 59 | critical | CVSS 3.1: 9
Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS: 1.24% (65.4th percentile)
In ManageEngine ADSelfService Plus, RecoveryManager Plus, M365 Manager Plus, and ADAudit Plus, the SSO tickets generated to authenticate that session could be predicted by an unauthenticated user, leading to account takeover.

Affected

4 ranges
Vendor     Product                              Version range   Fixed in
zohocorp   manageengine_adaudit_plus            < 8703          8703
zohocorp   manageengine_adselfservice_plus      < 6529          6529
zohocorp   manageengine_m365_manager_plus       < 4817          4817
zohocorp   manageengine_recovery_manager_plus   < 6321          6321