CVE-2026-39918 | givanz Vvveb up to 1.0.8.0 Installation Endpoint env.php subdir code injection

A vulnerability categorized as critical has been discovered in givanz Vvveb up to 1.0.8.0. The impacted element is an unknown function of the file env.php of the component Installation Endpoint. Such manipulation of the argument subdir leads to code injection.

This vulnerability is referenced as CVE-2026-39918. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More