CVE-2026-7673 in crmeb_javainformação

Sumário

de MITRE • 03/05/2026

A vulnerability was detected in crmeb_java up to 1.3.4. This vulnerability affects unknown code of the file crmeb/crmeb-service/src/main/java/com/zbkj/service/service/impl/UploadServiceImpl.java of the component Admin Upload. Performing a manipulation of the argument model results in unrestricted upload. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Divulgação

03/05/2026

Moderação

aceite

Entrada

VDB-360826

CPE

pronto

CWE

CWE-434 (confirmado)

Exploração

Descarregar

CVSS

4.7 (VulDB)

EPSS

0.00043

KEV

não

Atividades

muito baixo

Sector

Pharma, Finance, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7673
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7673
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7673/

◂ Voltar Visão Geral Próximo ▸

Do you know our Splunk app?

Download it now for free!