CVE-2026-42796 - Arelle < 2.39.10 Unauthenticated RCE via /rest/configure
CVE ID :CVE-2026-42796 Published : May 4, 2026, 5:19 p.m. | 50 minutes ago Description :Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager withou
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Amazon SES increasingly abused in phishing to evade detection
- [CYBER] Trellix discloses data breach after source code repository hack
- [CYBER] Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
- [CYBER] Hackers target governments and MSPs via critical cPanel flaw CVE-2026-41940
- [CYBER] Trellix confirms source code repo access incident
- [CYBER] Part 10 — Lessons learned building a Kubernetes Auth Gateway