CVE-2026-54103 (CRITICAL, CVSS 9.8): GAO EPDS & CBCA EDS lack authentication on password change API, enabling remote takeover. No patch yet. Restrict access, monitor logs. Details: https://radar.offseq.com/threat/cve-2026-54103-cwe-306-missing-authentication-for--c02db531e70d9ca2 #OffSeq #Vuln #CVE202654103 #GovSec
