VYPR

hm_editor

by huimeicloud

CVEs (1)

  • CVE-2026-5346HigApr 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was determined in huimeicloud hm_editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible…