CVE-2026-6576 | liangliangyy DjangoBlog up to 2.1.0.0 WeChat Bot Interface commonapi.py CommandHandler Source command injection

A vulnerability was found in liangliangyy DjangoBlog up to 2.1.0.0. It has been declared as critical. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection.

This vulnerability is registered as CVE-2026-6576. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More