CVE-2026-7292 | o2oa up to 10.0 NodeAgent NodeAgent.java syncFile improper authorization (Issue 194)

A vulnerability marked as critical has been reported in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization.

This vulnerability is documented as CVE-2026-7292. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More