VYPR

Alfresco Community (transform Core)

by Hyland

CVEs (3)

  • CVE-2026-26339Feb 19, 2026
    risk 0.00cvss epss 0.01

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.

  • CVE-2026-26338Feb 19, 2026
    risk 0.00cvss epss 0.00

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.

  • CVE-2026-26337Feb 19, 2026
    risk 0.00cvss epss 0.00

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.