CVE-2026-7292 in o2oainfo

Zusammenfassung

von MITRE • 28.04.2026

A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulDB

Veröffentlichung

28.04.2026

Moderieren

akzeptiert

Eintrag

VDB-359952

CPE

bereit

CWE

CWE-285 (bestätigt)

Exploit

Download

CVSS

5.6 (VulDB)

EPSS

0.00058

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7292
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7292
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7292/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!