CVE-2026-42782 | Apache Syncope up to 3.0.16/4.0.5/4.1.0 Groovy Code improper isolation or compartmentalization

Inserito da Angelo Barbosa | Mag 25, 2026 | CVE

A vulnerability was found in Apache Syncope up to 3.0.16/4.0.5/4.1.0. It has been classified as problematic. Affected by this issue is some unknown functionality of the component Groovy Code Handler. The manipulation leads to improper isolation or compartmentalization.

This vulnerability is documented as CVE-2026-42782. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-42782 | Apache Syncope up to 3.0.16/4.0.5/4.1.0 Groovy Code improper isolation or compartmentalization

Post correlati

CVE-2025-10668 | itsourcecode Online Discussion Forum 1.0 compose_msg_admin.php ID sql injection

CVE-2024-42612 | Pligg CMS 2.0.2 domain_management.php cross-site request forgery

CVE-2026-25998 | strongswan strongMan up to 0.1.x nonce re-use

CVE-2023-49569 | go-git prior 5.11.0 Git Server Reply path traversal