CVE-2026-26274 | October CMS up to 3.7.13/4.1.9 incomplete blacklist

Inserito da Angelo Barbosa | Apr 21, 2026 | CVE

A vulnerability labeled as critical has been found in October CMS up to 3.7.13/4.1.9. The impacted element is an unknown function. Such manipulation leads to incomplete blacklist.

This vulnerability is listed as CVE-2026-26274. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.

CVE-2026-26274 | October CMS up to 3.7.13/4.1.9 incomplete blacklist

Post correlati

CVE-2024-0995 | Tenda W6 1.0.0.9(4122) httpd /goform/wifiSSIDset formwrlSSIDset index stack-based overflow

CVE-2024-26934 | Linux Kernel up to 6.9-rc1 drivers/usb/core/sysfs.c usb_deauthorize_interface deadlock

CVE-2024-0302 | fhs-opensource iparking 1.5.22.RELEASE /vueLogin deserialization

CVE-2024-5531 | Ocean Extra Plugin up to 2.2.8 on WordPress Flickr Widget cross site scripting