Medium severity6.5NVD Advisory· Published May 7, 2026· Updated May 7, 2026

CVE-2026-36387

Description

A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file sanitization allows attackers to inject malicious files which leads RCE.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

codeastro.comnvd
github.com/raneishajustin/CVE/tree/main/CVE-2026-36387nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000