Opencms Core
Sign in to watchby Alkacon
Source repositories
CVEs (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-38429 | Cri | 0.64 | 9.8 | 0.00 | May 5, 2026 | OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml. |