CVE-2026-26339

Critical CVSS: 9.3

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.

Vendor

Hyland

Product

Alfresco Transform Service

CWE

CWE-918

Yayın Tarihi

2026-02-19 18:25:00

Güncelleme

2026-03-02 22:07:07

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-918 Alfresco Transform Service CRITICAL Hyland 2026

Referanslar

https://connect.hyland.com/t5/alfresco-blog/security-update-cve-2026-26337-cve-2026-26338-cve-2026-26339/ba-p/496551 https://www.hyland.com/en/solutions/products/alfresco-platform https://www.vulncheck.com/advisories/hyland-alfresco-transformation-service-argument-injection-rce

Benzer Kayıtlar

High

CVE-2026-26337

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-s…

Medium

CVE-2026-26338

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) th…

High

CVE-2026-26336

Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via t…