Medium severity4.7NVD Advisory· Published Feb 18, 2026· Updated Apr 29, 2026
CVE-2026-2666
CVE-2026-2666
Description
A flaw has been found in mingSoft MCMS 6.1.1. The affected element is an unknown function of the file /ms/file/uploadTemplate.do of the component Template Archive Handler. Executing a manipulation of the argument File can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.mingsoft:ms-mcmsMaven | <= 6.1.1 | — |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/chujianxin0101/vuln/issues/11nvdExploitIssue TrackingWEB
- github.com/chujianxin0101/vuln/issues/11nvdExploitIssue Tracking
- github.com/advisories/GHSA-r9wp-qq53-qvjxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-2666ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryVDB EntryWEB
- vuldb.comnvdThird Party AdvisoryVDB EntryWEB
- vuldb.comnvdPermissions RequiredVDB EntryWEB
News mentions
0No linked articles in our index yet.