← Voltar para CVEs
CVE-2026-36765
N/ADescricao
An XML external entity (XXE) vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado4/30/2026
Ultima modificacao4/30/2026
Fontenvd
Avistamentos honeypot0
Referencias
https://github.com/chillzhuang/SpringBlade(cve@mitre.org)
https://github.com/chillzhuang/SpringBlade/issues/37(cve@mitre.org)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.