CVE-2026-2731

N/A

Description

Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via simple web requests

CVE Details

CVSS v3.1 ScoreN/A

Published2/19/2026

Last Modified2/19/2026

Sourcenvd

Honeypot Sightings0

Weaknesses (CWE)

CWE-22

References

https://doc.dynamicweb.dev/documentation/fundamentals/dw10release/security-reports.html#january-19th-2026---unauthenticated-rce-dynamicweb-9-and-dynamicweb-8(db4dfee8-a97e-4877-bfae-eba6d14a2166)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.