CVE-2026-8967
Infor · Multiple Products
A vulnerability in the Graphics: WebGPU component of Infor products may lead to unauthorized information disclosure.
Executive summary
A critical information disclosure vulnerability in the Infor Graphics: WebGPU component poses a significant risk of unauthorized data exposure.
Vulnerability
This is an information disclosure vulnerability residing within the Graphics: WebGPU component. The specific authentication requirements are currently unknown due to limited technical documentation.
Business impact
Successful exploitation of this flaw could allow an attacker to gain access to sensitive internal data processed by the WebGPU component. Given the CVSS score of 7.5, this vulnerability represents a high risk that could lead to significant data breaches, potential loss of intellectual property, and erosion of customer trust.
Remediation
Immediate Action: Identify all instances of affected Infor products within your environment and apply the latest security updates provided by the vendor.
Proactive Monitoring: Monitor server and application access logs for anomalous patterns or unauthorized requests directed at the Graphics subsystem.
Compensating Controls: Implement strict network segmentation and ensure that Web Application Firewalls (WAF) are configured to detect and block abnormal traffic patterns associated with the affected component.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Organizations should prioritize the assessment of their Infor software footprint to determine exposure. Given the high severity, it is imperative to monitor official vendor communication channels for patch availability and to deploy those updates immediately upon release to mitigate the risk of information leakage.