Critical severityNVD Advisory· Published Apr 8, 2026· Updated Apr 13, 2026
CVE-2026-3199
CVE-2026-3199
Description
A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=3.22.1 <=3.90.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.