30 June 2026
Reference: CVE-2026-48558
1. What is being reported?
SimpleHelp versions 5.5.15 and earlier, plus some pre-release versions of 6.0, have a problem in their login system. When using a specific login method called OIDC, the software does not properly check if the login token is genuine. This means attackers can create fake tokens to log in as technicians without needing a password or multi-factor authentication.
2. What this means in plain English
If your organisation uses SimpleHelp for remote support, attackers could take control of the system remotely without needing to know any passwords. This could lead to data theft, malware installation, or other harmful actions. Because no user interaction is needed, the risk is high.
3. Could this affect a small business?
Small businesses, charities, clubs, or any organisation using SimpleHelp versions 5.5.15 or earlier, or pre-release 6.0, could be affected. If you do not use SimpleHelp or use a fully updated version, you are likely not at risk.
4. What to do now
- Check if your organisation uses SimpleHelp software and identify the version.
- Contact your IT provider or software supplier to confirm if you are affected and ask for guidance.
- Apply any vendor-provided security updates or mitigations immediately as per their instructions.
- If no update or fix is available, consider discontinuing use of SimpleHelp until the issue is resolved.
5. Ask your IT provider
Can you confirm if our SimpleHelp software is affected by the CVE-2026-48558 authentication bypass vulnerability, and what steps are being taken to protect us?
6. Bottom line
If you use SimpleHelp, act now to check your version and apply fixes to prevent attackers from gaining unauthorised access.
Information based on CISA KEV, NVD, and reputable security reporting.