Skip to content
cyberMEDIUM2026-05-11 10:16 UTC

CVE-2026-41951 - GROWI EJS Template Injection

CVE ID :CVE-2026-41951 Published : May 11, 2026, 10:16 a.m. | 49 minutes ago Description :Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when an email server is running in GROWI. Severity: 8.6 | H

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction