CVE-2026-34427 | givanz Vvveb up to 1.0.8.0 Plugin Upload dynamically-determined object attributes

Inserito da Angelo Barbosa | Apr 20, 2026 | CVE

A vulnerability was found in givanz Vvveb up to 1.0.8.0 and classified as critical. This vulnerability affects unknown code of the component Plugin Upload Handler. Executing a manipulation can lead to dynamically-determined object attributes.

This vulnerability is handled as CVE-2026-34427. The attack can be executed remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-34427 | givanz Vvveb up to 1.0.8.0 Plugin Upload dynamically-determined object attributes

Post correlati

CVE-2024-52067 | Apache NiFi up to 1.28.0/2.0.0-M4 Parameter Context debug log file

CVE-2024-22408 | Shopware up to 6.5.7.3 Flow Builder server-side request forgery (GHSA-3535-m8vh-vrmw)

CVE-2025-57805 | The-Scratch-Channel tsc-web-client up to 1.1 POST Request input validation (GHSA-h5rj-2466-qr23)

CVE-2024-37524 | IBM Analytics Content Hub 2.0/2.1/2.2/2.3 information exposure