VYPR

Alfresco Transformation Service

by Hyland

CVEs (4)

  • CVE-2021-41792MedOct 21, 2021
    risk 0.35cvss 5.3epss 0.01

    An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org.alfresco:alfresco-transform-services through 1.3. A crafted HTML file, once uploaded, could trigger an unexpected request by the transformation engine. The response to the request…

  • CVE-2026-26339Feb 19, 2026
    risk 0.00cvss epss 0.01

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.

  • CVE-2026-26338Feb 19, 2026
    risk 0.00cvss epss 0.00

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.

  • CVE-2026-26337Feb 19, 2026
    risk 0.00cvss epss 0.00

    Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.