PT-2026-22271 · Xweb Pro · Xweb Pro

Amir Zaltzman

Published

2026-02-27

Updated

2026-05-10

CVE-2026-20797

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions XWEB Pro versions prior to 1.12.1

Description A stack-based buffer overflow exists in an API route of XWEB Pro. This allows unauthenticated attackers to cause stack corruption and program termination. The vulnerable API route is not specified.

Recommendations Update XWEB Pro to version 1.12.1 or later.

Fix

Memory Corruption

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

CVE-2026-20797

Affected Products

Xweb Pro

PT-2026-22271 · Xweb Pro · Xweb Pro

CVE-2026-20797

Weakness Enumeration

Related Identifiers

Affected Products

References · 9