CVE-2026-22781 | maximmasiutin TinyWeb up to 1.97 on Win32 CreateProcess os command injection (GHSA-m779-84h5-72q2)

Inserito da Angelo Barbosa | Gen 12, 2026 | CVE

A vulnerability categorized as critical has been discovered in maximmasiutin TinyWeb up to 1.97 on Win32. This affects the function CreateProcess. Such manipulation leads to os command injection.

This vulnerability is uniquely identified as CVE-2026-22781. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-22781 | maximmasiutin TinyWeb up to 1.97 on Win32 CreateProcess os command injection (GHSA-m779-84h5-72q2)

Post correlati

CVE-2024-42447 | Apache FAB provider 1.2.0/1.2.1 on Airflow session expiration

CVE-2024-13873 | wpjobportal WP Job Portal Plugin up to 2.2.8 on WordPress deleteUserPhoto authorization

CVE-2024-29203 | TinyMCE up to 6.8.0 iFrame cross site scripting

CVE-2023-3410 | Bricks Plugin up to 1.10.1 on WordPress cross site scripting