CVE-2026-5739 | PowerJob 5.1.0/5.1.1/5.1.2 OpenAPI Endpoint /openApi/addWorkflowNode GroovyEvaluator.evaluate nodeParams code injection (Issue 1168)

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in PowerJob 5.1.0/5.1.1/5.1.2. It has been declared as critical. The affected element is the function GroovyEvaluator.evaluate of the file /openApi/addWorkflowNode of the component OpenAPI Endpoint. The manipulation of the argument nodeParams results in code injection.

This vulnerability is identified as CVE-2026-5739. The attack can be executed remotely. There is not any exploit available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-5739 | PowerJob 5.1.0/5.1.1/5.1.2 OpenAPI Endpoint /openApi/addWorkflowNode GroovyEvaluator.evaluate nodeParams code injection (Issue 1168)

Post correlati

CVE-2024-43080 | Google Android 12/12L/13/14/15 AppRestrictionsFragment.java onReceive deserialization

CVE-2023-5761 | Burst Statistics Plugin 1.4.0/1.4.6.1 on WordPress sql injection

CVE-2024-25136 | AutomationDirect C-MORE EA9 HMI up to 6.77 path traversal (icsa-24-086-01)

CVE-2025-27909 | IBM Concert Software up to 1.1.0 Trusted Domain cross-domain policy