CVE-2026-41507 | mauriciopoppe math-codegen up to 0.4.2 Mathematical Expression cg.parse code injection (GHSA-p6x5-p4xf-cc4r)

Inserito da Angelo Barbosa | Mag 8, 2026 | CVE

A vulnerability marked as critical has been reported in mauriciopoppe math-codegen up to 0.4.2. The impacted element is the function cg.parse of the component Mathematical Expression Handler. This manipulation causes code injection.

The identification of this vulnerability is CVE-2026-41507. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-41507 | mauriciopoppe math-codegen up to 0.4.2 Mathematical Expression cg.parse code injection (GHSA-p6x5-p4xf-cc4r)

Post correlati

CVE-2025-9430 | mtons mblog up to 3.5.0 /admin/options/update input cross site scripting (ICPMMF)

CVE-2023-41092 | Intel Stratix/Agilex up to 23.2 on Intel SDM Firmware return value (intel-sa-01007)

CVE-2025-23327 | NVIDIA Triton Inference Server on Windows/Linux integer overflow

CVE-2025-6187 | bSecure Plugin up to 1.7.9 on WordPress REST Endpoint /webhook/v2/order_info/ authorization