CVE-2026-1600: The backend accepts user-controlled pricing values without validating them against...

Summary

A critical vulnerability, identified as CVE-2026-1600, has been discovered where the backend system fails to validate user-controlled pricing values against server-side product data. This flaw enables attackers to manipulate the 'price' field in POST requests, potentially leading to fraudulent transactions or unauthorized price reductions.

Indicators of Compromise

• cve — CVE-2026-1600