Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
CVE-2026-14808 represents a critical vulnerability in the PROG Management System that exposes database credentials to unauthenticated attackers. By simply accessing a specific page, threat actors can obtain full database account names and passwords—the keys to an organization's most sensitive data. This vulnerability affects organizations using PROG MIS for management operations, potentially including healthcare, finance, and government sectors that rely on program management systems. With a CVSS score of 9.8, this vulnerability requires immediate patching as it provides attackers with direct database access, enabling data exfiltration, manipulation, or destruction without requiring any authentication or exploitation techniques.
While this CVE currently maps to CWE-497 (Exposure of Sensitive Information) rather than specific MITRE ATT&CK techniques, Casky's Claude-powered analysis would detect the attack patterns underlying exploitation. Practitioners using Casky would identify reconnaissance activities (ATT&CK technique T1592 or T1598) as attackers probe for the vulnerable page, followed by credential access (T1589/T1590) when database credentials are exposed. The platform's 754 security skills enable detection of suspicious unauthenticated page access patterns, credential material in web responses, and subsequent database connection attempts from unexpected sources. Security teams would see findings highlighting unusual access to sensitive configuration pages, exposed credential strings in HTTP responses, and database authentication from foreign IP addresses—all indicators that exploitation has occurred or is underway.
Composite risk scoring from EPSS, CISA KEV, Shodan, and GreyNoise — 21 security APIs correlated into a single Casky Risk Score. Coming in Casky Pro. Join early access →
Casky has 0 skills that investigate the attack patterns behind CVE-2026-14808. Run one and get CVSS-scored findings in 3 minutes.
Run the skill that detects this →© 2026 Casky.AI, Inc. · AI Security Investigation