CVE-2026-26274 | October CMS up to 3.7.13/4.1.9 incomplete blacklist

April 21, 2026 Yanac

A vulnerability labeled as critical has been found in October CMS up to 3.7.13/4.1.9. The impacted element is an unknown function. Such manipulation leads to incomplete blacklist.

This vulnerability is listed as CVE-2026-26274. The attack may be performed from remote. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2019-25714 | Seeyon A8-V5 Collaborative Management Software 6.1sp1 POST htmlofficeservlet unrestricted upload
CVE-2026-29179 | CMS up to 3.7.15/4.1.15 Configuration authorization