CVE-2026-41507 | mauriciopoppe math-codegen up to 0.4.2 Mathematical Expression cg.parse code injection (GHSA-p6x5-p4xf-cc4r / EUVD-2026-28597)

A vulnerability marked as critical has been reported in mauriciopoppe math-codegen up to 0.4.2. The impacted element is the function cg.parse of the component Mathematical Expression Handler. This manipulation causes code injection.

The identification of this vulnerability is CVE-2026-41507. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More