CVE-2026-6796 in PublicCMSinformation

Résumé

par MITRE • 22/04/2026

A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function log_login of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext storage in a file or on disk. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulDB

Divulgation

22/04/2026

Modérer

accepté

Entrée

VDB-358490

CPE

prêt

CWE

CWE-313 (confirmé)

CVSS

4.3 (VulDB)

EPSS

0.00014

KEV

non

Activités

très faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6796
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6796
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6796/

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!