High severity8.8NVD Advisory· Published Apr 7, 2026· Updated Apr 9, 2026
CVE-2026-30460
CVE-2026-30460
Description
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
Affected products
1- cpe:2.3:a:thedaylightstudio:fuel_cms:1.5.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- pentest-tools.com/PTT-2025-027-Improper-Authorization.pdfnvdExploitThird Party Advisory
- daylight.comnvdNot Applicable
- fuelcms.comnvdProduct
News mentions
0No linked articles in our index yet.