top of page
perceptive_background_267k.jpg

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete…

Published:

27 May 2026 at 22:00:00

Alert date:

28 May 2026 at 22:04:22

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Enterprise Applications

A critical vulnerability (CVE-2026-9645) allows authenticated users to create and execute arbitrary JavaScript code on affected servers. The vulnerability exposes methods that enable complete system compromise as the malicious scripts execute with full administrative privileges, running commands as root. This represents a severe security risk as it provides attackers with unrestricted access to the underlying system once they have authenticated access to the application.

Technical details

Mitigation steps:

Affected products:

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-9645
https://www.tenable.com/security/research/tra-2026-46

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page