VYPR

Maven package

org.omnifaces/omnifaces

pkg:maven/org.omnifaces/omnifaces

Vulnerabilities (1)

  • CVE-2026-41883HigMay 8, 2026
    affected < 1.14.2fixed 1.14.2

    OmniFaces is a utility library for Faces. Prior to versions 1.14.2, 2.7.32, 3.14.16, 4.7.5, and 5.2.3, there is a server-side EL injection leading to Remote Code Execution (RCE). This affects applications that use CDNResourceHandler with a wildcard CDN mapping (e.g. libraryName:*