CVE-2026-48997 | e107 up to 2.3.5 Setting resize_image os command injection (GHSA-3j33-c9v4-4p42)

Inserito da Angelo Barbosa | Giu 18, 2026 | CVE

A vulnerability was found in e107 up to 2.3.5. It has been rated as critical. Affected by this vulnerability is the function resize_image of the component Setting Handler. Performing a manipulation results in os command injection.

This vulnerability is identified as CVE-2026-48997. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-48997 | e107 up to 2.3.5 Setting resize_image os command injection (GHSA-3j33-c9v4-4p42)

Post correlati

CVE-2025-64168 | agno-agi agno up to 2.2.1 session_state race condition

CVE-2024-25958 | Dell Grab up to 5.0.4 on Windows default permission (dsa-2024-121)

CVE-2025-39918 | Linux Kernel up to 6.12.45/6.16.5 wifi stack-based overflow

CVE-2024-37883 | Nextcloud Deck App up to 1.12.0 Deck Board access control