CVE-2026-24729

Critical CVSS: 10.0

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.

Vendor

Product

CWE

CWE-434

Yayın Tarihi

2026-01-30 05:16:33

Güncelleme

2026-02-04 16:34:21

Source Identifier

ART@zuso.ai

KEV Date Added

Kategoriler

CWE-434 CRITICAL 2026

Referanslar

https://zuso.ai/advisory/za-2026-02