Alfresco Community (transform Core)
by Hyland
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26339 | 0.00 | — | 0.00 | Feb 19, 2026 | Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality. | |||
| CVE-2026-26338 | 0.00 | — | 0.00 | Feb 19, 2026 | Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality. | |||
| CVE-2026-26337 | 0.00 | — | 0.00 | Feb 19, 2026 | Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal. |
- CVE-2026-26339Feb 19, 2026risk 0.00cvss —epss 0.00
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.
- CVE-2026-26338Feb 19, 2026risk 0.00cvss —epss 0.00
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.
- CVE-2026-26337Feb 19, 2026risk 0.00cvss —epss 0.00
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.