CVE-2026-2536 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done of the file src/main/java/bp/wf/httphandler/WF_Admin_AttrFlow.…
Medium CVSS: 5.3

CVE-2026-2536

A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done of the file src/main/java/bp/wf/httphandler/WF_Admin_AttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Vendor
-
Product
-
CWE
CWE-610
Yayın Tarihi
2026-02-16 06:16:22
Güncelleme
2026-02-18 17:52:22
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-610 MEDIUM 2026

Referanslar

https://gitee.com/opencc/JFlow/ https://gitee.com/opencc/JFlow/issues/IDN7GT https://vuldb.com/?ctiid.346124 https://vuldb.com/?id.346124 https://vuldb.com/?submit.748807 https://vuldb.com/?submit.748808