Unrated severityNVD Advisory· Published Mar 5, 2026· Updated Mar 5, 2026
Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla
CVE-2026-21628
Description
A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.
Affected products
1- astroidframe.work/Astroid Template Frameworkv5Range: 2.0.0-3.3.10
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- astroidframe.workmitreproduct
News mentions
0No linked articles in our index yet.