CVE-2026-8967

Infor · Multiple Products

A vulnerability in the Graphics: WebGPU component of Infor products may lead to unauthorized information disclosure.

Executive summary

A critical information disclosure vulnerability in the Infor Graphics: WebGPU component poses a significant risk of unauthorized data exposure.

Vulnerability

This is an information disclosure vulnerability residing within the Graphics: WebGPU component. The specific authentication requirements are currently unknown due to limited technical documentation.

Business impact

Successful exploitation of this flaw could allow an attacker to gain access to sensitive internal data processed by the WebGPU component. Given the CVSS score of 7.5, this vulnerability represents a high risk that could lead to significant data breaches, potential loss of intellectual property, and erosion of customer trust.

Remediation

Immediate Action: Identify all instances of affected Infor products within your environment and apply the latest security updates provided by the vendor.

Proactive Monitoring: Monitor server and application access logs for anomalous patterns or unauthorized requests directed at the Graphics subsystem.

Compensating Controls: Implement strict network segmentation and ensure that Web Application Firewalls (WAF) are configured to detect and block abnormal traffic patterns associated with the affected component.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Organizations should prioritize the assessment of their Infor software footprint to determine exposure. Given the high severity, it is imperative to monitor official vendor communication channels for patch availability and to deploy those updates immediately upon release to mitigate the risk of information leakage.