Information disclosure in the Graphics: WebGPU component
Description
Information disclosure in the Graphics: WebGPU component
AI Analyst Comment
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Infor
PRODUCT: Multiple Products
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
A vulnerability in the Graphics: WebGPU component of Infor products may lead to unauthorized information disclosure.
Executive Summary:
A critical information disclosure vulnerability in the Infor Graphics: WebGPU component poses a significant risk of unauthorized data exposure.
Vulnerability Details
CVE-ID: CVE-2026-8967
Affected Software: Infor Multiple Products
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is an information disclosure vulnerability residing within the Graphics: WebGPU component. The specific authentication requirements are currently unknown due to limited technical documentation.
Business Impact
Successful exploitation of this flaw could allow an attacker to gain access to sensitive internal data processed by the WebGPU component. Given the CVSS score of 7.5, this vulnerability represents a high risk that could lead to significant data breaches, potential loss of intellectual property, and erosion of customer trust.
Remediation Plan
Immediate Action: Identify all instances of affected Infor products within your environment and apply the latest security updates provided by the vendor.
Proactive Monitoring: Monitor server and application access logs for anomalous patterns or unauthorized requests directed at the Graphics subsystem.
Compensating Controls: Implement strict network segmentation and ensure that Web Application Firewalls (WAF) are configured to detect and block abnormal traffic patterns associated with the affected component.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations should prioritize the assessment of their Infor software footprint to determine exposure. Given the high severity, it is imperative to monitor official vendor communication channels for patch availability and to deploy those updates immediately upon release to mitigate the risk of information leakage.