PT-2026-27219 · Unknown+1 · Connect-Cms+1

Odgrso

Publicado

2026-03-23

Atualizado

2026-03-24

CVE-2026-32276

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Connect-CMS versions prior to 1.41.1 Connect-CMS versions prior to 2.41.1

Description Connect-CMS is a content management system. An authenticated user may be able to execute arbitrary code in the Code Study Plugin. If exploited, this could lead to code execution on the server or information disclosure.

Recommendations Update Connect-CMS to version 1.41.1 or later. Update Connect-CMS to version 2.41.1 or later.

Exploit

Correção

RCE

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2026-32276

GHSA-HXQW-6QV7-CQFV

Produtos afetados

Code Study Plugin

Connect-Cms

PT-2026-27219 · Unknown+1 · Connect-Cms+1

CVE-2026-32276

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12