Skip to content
cyberMEDIUM2026-04-20 08:16 UTC

CVE-2026-41282 - ProjectDiscovery Nuclei DSL Expression Injection Vulnerability

CVE ID :CVE-2026-41282 Published : April 20, 2026, 8:16 a.m. | 26 minutes ago Description :ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets (not the default configuration). Severity: 4.0

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction