CVE-2026-26338

Medium CVSS: 6.9

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.

Vendor

Hyland

Product

Alfresco Transform Service

CWE

CWE-918

Yayın Tarihi

2026-02-19 18:24:59

Güncelleme

2026-03-02 22:03:53

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-918 Alfresco Transform Service MEDIUM Hyland 2026

Referanslar

https://connect.hyland.com/t5/alfresco-blog/security-update-cve-2026-26337-cve-2026-26338-cve-2026-26339/ba-p/496551 https://www.hyland.com/en/solutions/products/alfresco-platform https://www.vulncheck.com/advisories/hyland-alfresco-transformation-service-ssrf

Benzer Kayıtlar

Critical

CVE-2026-26339

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the arg…

High

CVE-2026-26337

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-s…

High

CVE-2026-26336

Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via t…