← Volver a CVEs
CVE-2026-36765
N/ADescripcion
An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado4/30/2026
Ultima modificacion4/30/2026
Fuentenvd
Avistamientos honeypot0
Referencias
https://github.com/chillzhuang/SpringBlade(cve@mitre.org)
https://github.com/chillzhuang/SpringBlade/issues/37(cve@mitre.org)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.