CVE-2026-27156 | zauberzeug NiceGUI up to 3.7.x API cross site scripting

Inserito da Angelo Barbosa | Feb 24, 2026 | CVE

A vulnerability was found in zauberzeug NiceGUI up to 3.7.x. It has been declared as problematic. This issue affects some unknown processing of the component API. Executing a manipulation can lead to cross site scripting.

This vulnerability is handled as CVE-2026-27156. The attack can be executed remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-27156 | zauberzeug NiceGUI up to 3.7.x API cross site scripting

Post correlati

CVE-2024-30218 | SAP NetWeaver AS ABAP and ABAP Platform up to 7.93 resource consumption

CVE-2025-22828 | Apache CloudStack 4.16.x Comment access control

CVE-2024-6053 | TeamViewer Meeting/Remote Full Client exposure of private personal information to an unauthorized actor

CVE-2025-9528 | Linksys E1700 1.0.0.4.003 /goform/systemCommand command os command injection