Description

CediPay is a crypto-to-fiat app for the Ghanaian market. A vulnerability in CediPay prior to version 1.2.3 allows attackers to bypass input validation in the transaction API. The issue has been fixed in version 1.2.3. If upgrading is not immediately possible, restrict API access to trusted networks or IP ranges; enforce strict input validation at the application layer; and/or monitor transaction logs for anomalies or suspicious activity. These mitigations reduce exposure but do not fully eliminate the vulnerability.

INFO

Published Date :

2026-02-19T18:53:47.314Z

Last Modified :

2026-02-19T21:23:44.840Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-26063 vulnerability.

Vendors Products
Xpertforextradeinc
  • Cedipay
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-26063.

URL Resource
https://github.com/xpertforextradeinc/CediPay/security/advisories/GHSA-wvr6-395c-5pxr cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability