CVE-2026-35086 | Apache OFBiz up to 24.09.05 Email Service code injection

A vulnerability has been found in Apache OFBiz up to 24.09.05 and classified as critical. Affected is an unknown function of the component Email Service. Performing a manipulation results in code injection.

This vulnerability is known as CVE-2026-35086. Access to the local network is required for this attack. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More