CVE-2026-5233 - Vulnerability Details - OpenCVE

Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.

This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

MIA Technology Inc.

Pizzy Library

unaffected

Version	Status	Constraints
`1.0.0.26250`	affected	< 1.3.9.26250

No data.

No data.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0383

History

Mon, 15 Jun 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 15 Jun 2026 14:00:00 +0000

Type	Values Removed	Values Added
Description		Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.
Title		Missing Rate Limiting in Mia Technologies' Pizzy Library
Weaknesses		CWE-799
References		https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0383
Metrics		cvssV3_1 `{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2026-06-15T12:42:34.666Z

Updated: 2026-06-15T15:58:23.979Z

Reserved: 2026-03-31T13:36:58.860Z

Link: CVE-2026-5233

Vulnrichment

Updated: 2026-06-15T15:58:19.363Z

NVD

Status : Received

Published: 2026-06-15T14:16:37.570

Modified: 2026-06-15T14:16:37.570

Link: CVE-2026-5233

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-799

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5233", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2026-03-31T13:36:58.860Z", "datePublished": "2026-06-15T12:42:34.666Z", "dateUpdated": "2026-06-15T15:58:23.979Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2026-06-15T13:48:27.639Z"}, "title": "Missing Rate Limiting in Mia Technologies' Pizzy Library", "datePublic": "2026-06-15T12:25:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-799", "description": "CWE-799 Improper Control of Interaction Frequency", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-125", "descriptions": [{"lang": "en", "value": "CAPEC-125 Flooding"}]}], "affected": [{"vendor": "MIA Technology Inc.", "product": "Pizzy Library", "versions": [{"status": "affected", "version": "1.0.0.26250", "lessThan": "1.3.9.26250", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.\n\nThis issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.<p>This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.</p>"}]}], "references": [{"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0383", "tags": ["government-resource"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}}], "credits": [{"lang": "en", "value": "Ahmet DURMU\u015e", "type": "finder"}, {"lang": "en", "value": "STM Savunma Teknolojileri M\u00fchendislik ve Ticaret A.\u015e.", "type": "sponsor"}], "source": {"defect": ["TR-26-0383"], "advisory": "TR-26-0383", "discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-15T15:58:13.174347Z", "id": "CVE-2026-5233", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-15T15:58:23.979Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5233", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-15T15:58:13.174347Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-15T15:58:19.363Z"}}], "cna": {"title": "Missing Rate Limiting in Mia Technologies' Pizzy Library", "source": {"defect": ["TR-26-0383"], "advisory": "TR-26-0383", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Ahmet DURMU\u015e"}, {"lang": "en", "type": "sponsor", "value": "STM Savunma Teknolojileri M\u00fchendislik ve Ticaret A.\u015e."}], "impacts": [{"capecId": "CAPEC-125", "descriptions": [{"lang": "en", "value": "CAPEC-125 Flooding"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MIA Technology Inc.", "product": "Pizzy Library", "versions": [{"status": "affected", "version": "1.0.0.26250", "lessThan": "1.3.9.26250", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2026-06-15T12:25:00.000Z", "references": [{"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0383", "tags": ["government-resource"]}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.\n\nThis issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.<p>This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-799", "description": "CWE-799 Improper Control of Interaction Frequency"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2026-06-15T13:48:27.639Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5233", "state": "PUBLISHED", "dateUpdated": "2026-06-15T15:58:23.979Z", "dateReserved": "2026-03-31T13:36:58.860Z", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "datePublished": "2026-06-15T12:42:34.666Z", "assignerShortName": "TR-CERT"}, "dataVersion": "5.2"}