CVE-2026-32148 | hexpm hex up to 2.4.1 RemoteConverger integrity check (GHSA-hmv9-4mfr-m92v)

Inserito da Angelo Barbosa | Apr 30, 2026 | CVE

A vulnerability labeled as critical has been found in hexpm hex up to 2.4.1. Affected is an unknown function of the component RemoteConverger Module. Executing a manipulation can lead to improper validation of integrity check value.

This vulnerability is registered as CVE-2026-32148. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.

CVE-2026-32148 | hexpm hex up to 2.4.1 RemoteConverger integrity check (GHSA-hmv9-4mfr-m92v)

Post correlati

CVE-2024-1315 | Classified Listing Plugin up to 3.0.4 on WordPress rtcl_update_user_account cross-site request forgery

CVE-2025-45156 | Splashin 2.0 on iOS Location Update access control

CVE-2025-49590 | CryptPad 1.1.1/3.0.0 Link Bouncer incomplete denylist to cross-site scripting (GHSA-vq9h-x3gr-v8rj)

CVE-2023-7176 | Campcodes Online College Library System 1.0 HTTP POST Request /admin/return_add.php student sql injection