VYPR
Critical severity9.8GHSA Advisory· Published Jun 30, 2025· Updated Apr 15, 2026

CVE-2025-26074

CVE-2025-26074

Description

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.conductoross:conductor-coreMaven
< 3.21.133.21.13

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.