CVE-2026-8739 in PublicCMSИнформация

Сводка

по MITRE • 17.05.2026

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile_key results in use of hard-coded cryptographic key . The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulDB

Раскрытие

17.05.2026

Модерация

принято

Вход

VDB-364327

CPE

готов

CWE

CWE-321 (Подтверждённый)

Эксплойт

Скачать

CVSS

5.3 (CNA)

EPSS

0.00037

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-8739
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-8739
CVE Details	https://www.cvedetails.com/cve/CVE-2026-8739/

◂ Предыдущий Обзор Далее ▸

Want to know what is going to be exploited?

We predict KEV entries!