Version vulnerabilities

Nimbus Gateway 4.2.0 through 4.2.8

Public VAPT disclosures for Nimbus Networks Nimbus Gateway Nimbus Gateway 4.2.0 through 4.2.8, with direct links back into the canonical CVE and case records.

9.4 Critical

Latest disclosure Apr 10, 2026

Vulnerability count1

Average severity / risk9.4

Latest disclosedApr 10, 2026

CVE assigned count1

Disclosure filters

Inspect the public records behind this version.

Public vulnerabilities

Nimbus Networks · Nimbus Gateway · Nimbus Gateway 4.2.0 through 4.2.8

1 public VAPT records in the current version view.

CVE CASE Finding / Title Severity EPSS Published Date Status

CVE-2026-44001

VAPT-2026-04401

Session bootstrap token bypass in Nimbus Gateway administrative API

Nimbus Gateway accepted stale bootstrap session material on the administrative API, allowing remote attackers to regain privileged access without re-authentication.

CRITICAL

—

Apr 10, 2026

Published

Page 1 of 1 · 1 public records

Previous 1 Next