CVE-2026-39052

Name of the Vulnerable Software and Affected Versions Oinone Pamirs version 7.0.0

Description An issue exists via ScriptRunner where the run(String expression, String type, Map<String, Object> context) function evaluates attacker-controlled script expressions through the underlying script engine. This occurs because the process lacks sandboxing (a security mechanism for separating running programs) or allowlist restrictions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.