A vulnerability categorized as critical has been discovered in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file pig-masterpig-visualpig-codegensrcmainjavacompig4cloudpigcodegenserviceimplGeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to code injection.
This vulnerability is referenced as CVE-2026-15512. It is possible to launch the attack remotely. Furthermore, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.