VYPR
High severity8.8NVD Advisory· Published May 8, 2026· Updated May 13, 2026

CVE-2026-29202

CVE-2026-29202

Description

Insufficient input validation of the plugin parameter of the create_user plugin allows arbitrary Perl code execution on behalf of the already authenticated account's system user.

Patches

Vulnerability mechanics

References

1

News mentions

2