CVE-2026-2658 | newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee Multiple Endpoints cross-site request forgery

A vulnerability marked as problematic has been reported in newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee. Affected is an unknown function of the component Multiple Endpoints. Performing a manipulation results in cross-site request forgery.

This vulnerability is known as CVE-2026-2658. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-2658 | newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee Multiple Endpoints cross-site request forgery

Post correlati

CVE-2025-64459 | Django up to 4.2.25/5.1.13/5.2.7 QuerySet.filter/QuerySet.exclude/QuerySet.get sql injection

CVE-2023-49255 | Hongdian H8951-4G-ESP prior 2310271149 Router Console data missing authentication

CVE-2024-27829 | Apple macOS up to 14.4 App memory corruption (HT214106)

CVE-2023-3511 | GitLab Enterprise Edition prior 16.4.4/16.5.4/16.6.2 Private Project access control