CVE-2026-5128

CRITICAL

Published:Mar 30, 2026(Today)

Modified:Mar 30, 2026

AI Explanation

The steam-trader application has a vulnerability that exposes sensitive Steam account data, including usernames, passwords, and authentication tokens. Unauthenticated attackers can exploit this to gain full control over affected Steam accounts. The application is no longer maintained, and no fix is available.

Users of the steam-trader application are at critical risk of having their Steam accounts compromised due to exposure of sensitive account data.

Network AccessLow ComplexityNo Auth NeededNo User Interaction

How to Fix

1Avoid using the steam-trader application, 2. Revoke access tokens and session identifiers, 3. Change Steam account passwords and enable two-factor authentication

References

https://github.com/arthurfiorette/steam-trader

CVSS Score

v3.1

10.0/ 10.0

CRITICAL

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

At a Glance

Affected Products

References

CVSS v3 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVE-2026-5128

✦ AI Explanation

How to Fix

References

CVSS Score

At a Glance

CVSS v3 Vector

Impact Analysis

AI Explanation