CVE ID :CVE-2026-10748 Published : June 16, 2026, 5:42 p.m. | 1 hour, 25 minutes ago Description :An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user in Sonatype Nexus...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-10748 - Nexus Repository 3 - Remote Code Execution via License Deserialization

VERWANDTEARTIKEL

CVE-2026-53866 - OpenClaw < 2026.5.12 - Allowlist Bypass in Shell Inline-Command Parsing

CVE-2026-53864 - OpenClaw < 2026.5.26 - Insufficient Environment Variable Sanitization in Node.js Control Variables

CVE-2026-53857 - OpenClaw < 2026.5.3 - Mutable Display Name Binding in Zalo allowFrom Policy

CVE-2026-53855 - OpenClaw < 2026.4.2 - Shell Positional Parameters Bypass in Inline-Eval Checks

CVE-2026-53853 - OpenClaw < 2026.5.12 - Argument Pattern Bypass in Exec Allowlist via Linux and macOS

CVE-2026-53849 - OpenClaw < 2026.5.7 - Privilege Escalation via Mutable Discord Display Names in allowFrom