Blesta

CVEs (3)

• CVE-2026-25616Feb 3, 2026
  risk 0.00cvss —epss 0.02

  Blesta 3.x through 5.x before 5.13.3 mishandles input validation, aka CORE-5665.

• CVE-2026-25615Feb 3, 2026
  risk 0.00cvss —epss 0.00

  Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5668.

• CVE-2026-25614Feb 3, 2026
  risk 0.00cvss —epss 0.00

  Blesta 3.x through 5.x before 5.13.3 allows object injection, aka CORE-5680.