Sign in Get started

← All advisories

Critical severity9.8NVD Advisory· Published Apr 1, 2026· Updated Apr 6, 2026

CVE-2026-30643

CVE-2026-30643

Description

An issue was discovered in DedeCMS 5.7.118 allowing attackers to execute code via crafted setup tag values in a module upload.

Affected products

1

Dedecms/Dedecms
cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*
Range: <=5.7.118

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

gist.github.com/0psPwn/10c43912adee9bfe2ff4fec947d4ee5anvdExploitThird Party Advisory
www.dedecms.comnvdProduct

News mentions

0

No linked articles in our index yet.