QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-1693

Back to search

CVE-2026-1693

Published: Feb 26, 2026

Modified: Mar 26, 2026

PUBLISHED

Description

The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials.

VendorProductVersions

arcinfo

PcVue

affected
16.0.0 - <= 16.3.3
affected
15.0.0 - <= 15.2.13
affected
12.0.0

Weaknesses (CWE)

CWE-1390
CWE-477

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now