CVE-2026-35482 - alf.io has an Authenticated RCE via Extension Script Sandbox Escape
CVE ID :CVE-2026-35482 Published : June 2, 2026, 11:16 p.m. | 1 hour, 57 minutes ago Description :alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, a sandbox escape vulnerability in the alf.io extension...