CVE-2026-29179 | CMS up to 3.7.15/4.1.15 Configuration authorization

Inserito da Angelo Barbosa | Apr 21, 2026 | CVE

A vulnerability identified as problematic has been detected in CMS up to 3.7.15/4.1.15. The affected element is an unknown function of the component Configuration Handler. This manipulation causes incorrect authorization.

This vulnerability is tracked as CVE-2026-29179. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-29179 | CMS up to 3.7.15/4.1.15 Configuration authorization

Post correlati

CVE-2024-39125 | Roundup up to 2.3.x HTTP Referer Header cross site scripting

CVE-2024-1239 | ElementsKit Elementor Addons Plugin up to 3.0.4 on WordPress cross site scripting

CVE-2025-27100 | treeverse lakeFS up to 1.49.x Environment Variable LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART resource consumption (GHSA-j7jw-28jm-whr6)

CVE-2023-50120 | GPAC 2.3-DEV-rev636-gfbd7e13aa-master MP4Box media_tools/av_parsers.c av1_uvlc infinite loop