CVE ID :CVE-2026-50223 Published : June 10, 2026, 11:16 p.m. | 17 hours, 48 minutes ago Description :Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-50223 - Apache OFBiz: DataResource Low-Privileged Authenticated FreeMarker Template Injection Leads to Remote Code Execution

VERWANDTEARTIKEL

CVE-2026-45176 - Idira Endpoint Privilege Manager Agent: Local Privilege Escalation via Internal Communication or File Operation Manipulation

CVE-2026-45177 - Idira Secrets Manager SaaS Edge: Authentication Bypass of an internal validation mechanism

CVE-2026-48547 - KanaDojo < 0.1.18 Command Injection via patchNotesData.json in release.yml

CVE-2026-45178 - Idira Secrets Manager Self-Hosted: Improper Access Control in Internal Cluster Endpoints

CVE-2026-48546 - KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs

CVE-2026-49261 - MariaDB server has unsafe parameter handling in `wsrep_notify_cmd`