CWE-611
AllowedImproper Restriction of XML External Entity Reference
Abstraction: Base · Status: Draft
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1691 vulnerabilities reference this CWE, most recent first.
CVE-2026-6501 (GCVE-0-2026-6501)
Vulnerability from cvelistv5 – Published: 2026-05-04 14:26 – Updated: 2026-05-04 15:32- CWE-611 - Improper restriction of XML external entity reference
| URL | Tags |
|---|---|
| https://www.jopendocument.org/documentation.html | product |
| Vendor | Product | Version | |
|---|---|---|---|
| ILM Informatique | jOpenDocument |
Affected:
1.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-6501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-04T15:32:16.904772Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T15:32:22.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "jOpenDocument",
"vendor": "ILM Informatique",
"versions": [
{
"status": "affected",
"version": "1.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dominique Righetto"
}
],
"datePublic": "2026-05-04T14:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup.\u003cp\u003eThis issue affects jOpenDocument: 1.5.\u003c/p\u003e"
}
],
"value": "Improper restriction of XML external entity reference vulnerability in ILM Informatique jOpenDocument allows Data Serialization External Entities Blowup.\n\nThis issue affects jOpenDocument: 1.5."
}
],
"impacts": [
{
"capecId": "CAPEC-221",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-221 Data Serialization External Entities Blowup"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper restriction of XML external entity reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-04T14:26:50.552Z",
"orgId": "64c5ae8f-7972-4697-86a0-7ada793ac795",
"shortName": "TCS-CERT"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.jopendocument.org/documentation.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "64c5ae8f-7972-4697-86a0-7ada793ac795",
"assignerShortName": "TCS-CERT",
"cveId": "CVE-2026-6501",
"datePublished": "2026-05-04T14:26:50.552Z",
"dateReserved": "2026-04-17T09:34:02.707Z",
"dateUpdated": "2026-05-04T15:32:22.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4980 (GCVE-0-2026-4980)
Vulnerability from cvelistv5 – Published: 2026-03-27 14:50 – Updated: 2026-04-06 19:48- CWE-611 - Improper Restriction of XML External Entity Reference
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4980",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T15:12:52.453006Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T19:48:25.588Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Inkscape",
"vendor": "Inkscape",
"versions": [
{
"lessThan": "1.3",
"status": "affected",
"version": "1.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "VK (previously elttam) https://github.com/me0wday"
}
],
"descriptions": [
{
"lang": "en",
"value": "A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T14:50:48.271Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"url": "https://gitlab.com/inkscape/inkscape/-/work_items/3557"
},
{
"url": "https://gitlab.com/inkscape/inkscape/-/merge_requests/5269"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to version 1.3 or above"
}
],
"title": "Improper Restriction of XML External Entity Reference in Inkscape"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-4980",
"datePublished": "2026-03-27T14:50:48.271Z",
"dateReserved": "2026-03-27T11:18:24.287Z",
"dateUpdated": "2026-04-06T19:48:25.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-4374 (GCVE-0-2026-4374)
Vulnerability from cvelistv5 – Published: 2026-04-01 01:06 – Updated: 2026-06-25 15:47- CWE-611 - Improper Restriction of XML External Entity Reference
| Vendor | Product | Version | |
|---|---|---|---|
| RTI | Connext Professional |
Affected:
7.4.0 , < 7.7.0
(custom)
Affected: 7.1.0 , < 7.3.1.1 (custom) Affected: 6.1.0 , < 6.1.2.34 (custom) Affected: 6.0.0 , < 6.0.* (custom) Affected: 5.3.0 , < 5.3.* (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-4374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T14:23:31.865417Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T15:51:42.809Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Cloud Discovery Service",
"Recording Service",
"Routing Service",
"Queueing Service",
"Observability Collector"
],
"packageName": "connext_professional",
"packageURL": "pkg:generic/connext_professional",
"product": "Connext Professional",
"vendor": "RTI",
"versions": [
{
"lessThan": "7.7.0",
"status": "affected",
"version": "7.4.0",
"versionType": "custom"
},
{
"lessThan": "7.3.1.1",
"status": "affected",
"version": "7.1.0",
"versionType": "custom"
},
{
"lessThan": "6.1.2.34",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.0.*",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "5.3.*",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.7.0",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.3.1.1",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.2.34",
"versionStartIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.*",
"versionStartIncluding": "6.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.3.*",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negated": false,
"operator": "OR"
}
]
}
],
"datePublic": "2026-03-25T17:31:28.467Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Cloud Discovery Service, Recording Service, Routing Service, Queueing Service, Observability Collector) allows Serialized Data External Linking, Data Serialization External Entities Blowup.\u003cp\u003eThis issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.1.0 before 7.3.1.1, from 6.1.0 before 6.1.2.34, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.\u003c/p\u003e"
}
],
"value": "Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Cloud Discovery Service, Recording Service, Routing Service, Queueing Service, Observability Collector) allows Serialized Data External Linking, Data Serialization External Entities Blowup.\u003cp\u003eThis issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.1.0 before 7.3.1.1, from 6.1.0 before 6.1.2.34, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.\u003c/p\u003e"
}
],
"impacts": [
{
"capecId": "CAPEC-201",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-201 Serialized Data External Linking"
}
]
},
{
"capecId": "CAPEC-221",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-221 Data Serialization External Entities Blowup"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Security Extensions Enabled"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-25T15:47:55.576Z",
"orgId": "3f572a00-62e2-4423-959a-7ea25eff1638",
"shortName": "RTI"
},
"references": [
{
"url": "https://www.rti.com/vulnerabilities/#cve-2026-4374"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (multiple infrastructure services) allows Serialized Data External Linking, Data Serialization External Entities Blowup.",
"x_generator": {
"engine": "RTI Lubna 1.16.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "3f572a00-62e2-4423-959a-7ea25eff1638",
"assignerShortName": "RTI",
"cveId": "CVE-2026-4374",
"datePublished": "2026-04-01T01:06:40.064Z",
"dateReserved": "2026-03-18T10:48:52.263Z",
"dateUpdated": "2026-06-25T15:47:55.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3603 (GCVE-0-2026-3603)
Vulnerability from cvelistv5 – Published: 2026-05-26 18:17 – Updated: 2026-05-27 12:35- CWE-611 - Improper Restriction of XML External Entity Reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7274078 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Engineering Lifecycle Management |
Affected:
7.0.3 Interim Fix 001 , ≤ Interim Fix 021
(semver)
Affected: 7.1.0 Interim Fix 001 , ≤ Interim Fix 009 (semver) Affected: 7.2.0 and 7.2.0 Interim Fix 001 cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3603",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T19:00:21.406124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T19:00:29.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:*:*:*:*:*:*:*"
],
"product": "Engineering Lifecycle Management",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "Interim Fix 021",
"status": "affected",
"version": "7.0.3 Interim Fix 001",
"versionType": "semver"
},
{
"lessThanOrEqual": "Interim Fix 009",
"status": "affected",
"version": "7.1.0 Interim Fix 001",
"versionType": "semver"
},
{
"status": "affected",
"version": "7.2.0 and 7.2.0 Interim Fix 001"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through\u0026nbsp; Interim Fix 021, 7.1.0\u0026nbsp; Interim Fix 001 through\u0026nbsp; Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources.\u003c/p\u003e"
}
],
"value": "IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through\u00a0 Interim Fix 021, 7.1.0\u00a0 Interim Fix 001 through\u00a0 Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T12:35:49.489Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7274078"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eAffected Product(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVersion(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eRemediation/Fix/Instructions\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.0.3\u003c/td\u003e\u003ctd\u003eDownload and install\u0026nbsp;\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.2\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.0.3-IBM-ELM-iFix022\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\" rel=\"nofollow\"\u003eiFix022\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.1.0\u003c/td\u003e\u003ctd\u003eDownload and install\u0026nbsp;\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.1\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.1-IBM-ELM-iFix010\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\u0026amp;login=true\" rel=\"nofollow\"\u003eiFix010\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.2.0\u003c/td\u003e\u003ctd\u003eDownload and install\u0026nbsp;\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.2\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.2-IBM-ELM-iFix002\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\u0026amp;login=true\" rel=\"nofollow\"\u003eiFix002\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\n\nAffected Product(s)Version(s)Remediation/Fix/Instructions\n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.0.3Download and install\u00a0 iFix022 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.1.0Download and install\u00a0 iFix010 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.2.0Download and install\u00a0 iFix002 https://www.ibm.com/support/fixcentral/swg/downloadFixes"
}
],
"title": "IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to XML external entity injection (XXE) attack",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-3603",
"datePublished": "2026-05-26T18:17:03.408Z",
"dateReserved": "2026-03-05T15:14:14.178Z",
"dateUpdated": "2026-05-27T12:35:49.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3511 (GCVE-0-2026-3511)
Vulnerability from cvelistv5 – Published: 2026-03-19 11:25 – Updated: 2026-03-19 13:15- CWE-611 - Improper Restriction of XML External Entity Reference
| Vendor | Product | Version | |
|---|---|---|---|
| Slovensko.Digital | Autogram |
Affected:
0 , < 2.7.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-19T13:14:58.232031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-19T13:15:06.878Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Autogram",
"vendor": "Slovensko.Digital",
"versions": [
{
"lessThan": "2.7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Martin Orem from Binary House"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of XML External Entity Reference vulnerability in XMLUtils.java in Slovensko.Digital Autogram allows remote unauthenticated attacker to conduct SSRF (Server Side Request Forgery) attacks and obtain unauthorized access to local files on filesystems running the vulnerable application. Successful exploitation requires the victim to visit a specially crafted website that sends request containing a specially crafted XML document to /sign endpoint of the local HTTP server run by the application.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Improper Restriction of XML External Entity Reference vulnerability in XMLUtils.java in Slovensko.Digital Autogram allows remote unauthenticated attacker to conduct SSRF (Server Side Request Forgery) attacks and obtain unauthorized access to local files on filesystems running the vulnerable application. Successful exploitation requires the victim to visit a specially crafted website that sends request containing a specially crafted XML document to /sign endpoint of the local HTTP server run by the application."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
},
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-19T11:34:05.288Z",
"orgId": "bc375322-d3d7-4481-b261-e29662236cfd",
"shortName": "SK-CERT"
},
"references": [
{
"url": "https://github.com/slovensko-digital/autogram/releases/tag/v2.7.2"
},
{
"url": "https://blog.binary.house/2026/03/pripadova-studia-ako-sme-s-claude-code.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2026-03-02T23:00:00.000Z",
"value": "Vulnerability discovered"
},
{
"lang": "en",
"time": "2026-03-02T23:00:00.000Z",
"value": "Vulnerability reported to developer"
},
{
"lang": "en",
"time": "2026-03-02T23:00:00.000Z",
"value": "Developer patched the vulnerability"
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bc375322-d3d7-4481-b261-e29662236cfd",
"assignerShortName": "SK-CERT",
"cveId": "CVE-2026-3511",
"datePublished": "2026-03-19T11:25:44.800Z",
"dateReserved": "2026-03-04T10:42:40.045Z",
"dateUpdated": "2026-03-19T13:15:06.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3404 (GCVE-0-2026-3404)
Vulnerability from cvelistv5 – Published: 2026-03-02 01:32 – Updated: 2026-03-02 15:17| URL | Tags |
|---|---|
| https://vuldb.com/?id.348299 | vdb-entry |
| https://vuldb.com/?ctiid.348299 | signaturepermissions-required |
| https://vuldb.com/?submit.763732 | third-party-advisory |
| https://www.yuque.com/la12138/pa2fpb/ew8x2qss8dv0… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3404",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T15:16:36.199792Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T15:17:14.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:jeesite:jeesite:*:*:*:*:*:*:*:*"
],
"modules": [
"Endpoint"
],
"product": "JeeSite",
"vendor": "thinkgem",
"versions": [
{
"status": "affected",
"version": "5.15.0"
},
{
"status": "affected",
"version": "5.15.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Saul1213 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T01:32:10.428Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-348299 | thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.348299"
},
{
"name": "VDB-348299 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.348299"
},
{
"name": "Submit #763732 | Jeesite v5.15.1 XXE",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.763732"
},
{
"tags": [
"exploit"
],
"url": "https://www.yuque.com/la12138/pa2fpb/ew8x2qss8dv0bsu0?singleDoc"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-03-01T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-03-01T08:00:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-3404",
"datePublished": "2026-03-02T01:32:10.428Z",
"dateReserved": "2026-03-01T06:55:17.609Z",
"dateUpdated": "2026-03-02T15:17:14.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2536 (GCVE-0-2026-2536)
Vulnerability from cvelistv5 – Published: 2026-02-16 05:02 – Updated: 2026-02-23 10:05| URL | Tags |
|---|---|
| https://vuldb.com/?id.346124 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.346124 | signaturepermissions-required |
| https://vuldb.com/?submit.748807 | third-party-advisory |
| https://vuldb.com/?submit.748808 | third-party-advisory |
| https://gitee.com/opencc/JFlow/issues/IDN7GT | exploitissue-tracking |
| https://gitee.com/opencc/JFlow/ | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2536",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-17T17:05:07.890851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-17T17:05:15.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Workflow Engine"
],
"product": "JFlow",
"vendor": "opencc",
"versions": [
{
"status": "affected",
"version": "20260129"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "MaoQiu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in opencc JFlow up to 20260129. This affects the function Imp_Done of the file src/main/java/bp/wf/httphandler/WF_Admin_AttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T10:05:58.889Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-346124 | opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.346124"
},
{
"name": "VDB-346124 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.346124"
},
{
"name": "Submit #748807 | https://gitee.com/opencc/JFlow JFlow latest version XML External Entity Injection (XXE)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.748807"
},
{
"name": "Submit #748808 | https://gitee.com/opencc/JFlow JFlow latest version XML External Entity Injection (XXE) (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.748808"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://gitee.com/opencc/JFlow/issues/IDN7GT"
},
{
"tags": [
"product"
],
"url": "https://gitee.com/opencc/JFlow/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-02-15T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-20T07:24:21.000Z",
"value": "VulDB entry last update"
}
],
"title": "opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-2536",
"datePublished": "2026-02-16T05:02:14.100Z",
"dateReserved": "2026-02-15T09:19:07.190Z",
"dateUpdated": "2026-02-23T10:05:58.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2253 (GCVE-0-2026-2253)
Vulnerability from cvelistv5 – Published: 2026-05-27 02:54 – Updated: 2026-05-27 18:00- CWE-611 - Improper restriction of XML external entity reference
| Vendor | Product | Version | |
|---|---|---|---|
| Hitachi Vantara | Pentaho Data Integration and Analytics |
Affected:
1.0 , < 10.2.0.7
(maven)
Affected: 10.0 , < 11.0.0 (maven) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T18:00:51.429151Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T18:00:59.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Pentaho Data Integration and Analytics",
"vendor": "Hitachi Vantara",
"versions": [
{
"lessThan": "10.2.0.7",
"status": "affected",
"version": "1.0",
"versionType": "maven"
},
{
"lessThan": "11.0.0",
"status": "affected",
"version": "10.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hitachi Group Member"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Hitachi Vantara Pentaho Data Integration \u0026amp; Analytics versions before 10.2.0.7 and 11.0.0.0, including\u0026nbsp;9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Hitachi Vantara Pentaho Data Integration \u0026 Analytics versions before 10.2.0.7 and 11.0.0.0, including\u00a09.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities."
}
],
"impacts": [
{
"capecId": "CAPEC-201",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-201 Serialized Data External Linking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper restriction of XML external entity reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T02:54:25.857Z",
"orgId": "dce6e192-ff49-4263-9134-f0beccb9bc13",
"shortName": "HITVAN"
},
"references": [
{
"url": "https://support.pentaho.com/hc/en-us/articles/45677548193933--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Improper-Restriction-of-XML-External-Entity-Reference-Versions-before-10-2-0-7-and-11-0-0-0-Impacted-CVE-2026-2253"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Hitachi Vantara Pentaho Data Integration \u0026 Analytics - Improper Restriction of XML External Entity Reference",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "dce6e192-ff49-4263-9134-f0beccb9bc13",
"assignerShortName": "HITVAN",
"cveId": "CVE-2026-2253",
"datePublished": "2026-05-27T02:54:25.857Z",
"dateReserved": "2026-02-09T15:09:06.755Z",
"dateUpdated": "2026-05-27T18:00:59.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2252 (GCVE-0-2026-2252)
Vulnerability from cvelistv5 – Published: 2026-02-27 08:18 – Updated: 2026-03-06 15:34| Vendor | Product | Version | |
|---|---|---|---|
| Xerox | FreeFlow Core |
Affected:
0 , ≤ 8.0.7
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T19:27:58.048822Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T15:34:24.049Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FreeFlow Core",
"vendor": "Xerox",
"versions": [
{
"lessThanOrEqual": "8.0.7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.\n\n\u003cp\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThis issue affects Xerox FreeFlow Core versions up to and including 8.0.7.\u0026nbsp;\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003ePlease consider upgrading to FreeFlow Core version 8.1.0 via the software available on -\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.support.xerox.com/en-us/product/core/downloads\"\u003ehttps://www.support.xerox.com/en-us/product/core/downloads\u003c/a\u003e\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.\n\nThis issue affects Xerox FreeFlow Core versions up to and including 8.0.7.\u00a0\n\nPlease consider upgrading to FreeFlow Core version 8.1.0 via the software available on -\u00a0 https://www.support.xerox.com/en-us/product/core/downloads"
}
],
"impacts": [
{
"capecId": "CAPEC-201",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-201 Serialized Data External Linking"
}
]
},
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T08:18:38.491Z",
"orgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
"shortName": "Xerox"
},
"references": [
{
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-026-005-for-Xerox-Freeflow-Core.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XML External Entity (XXE) vulnerability resulting in Server-Side Request Forgery (SSRF)",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "10b61619-3869-496c-8a1e-f291b0e71e3f",
"assignerShortName": "Xerox",
"cveId": "CVE-2026-2252",
"datePublished": "2026-02-27T08:18:17.816Z",
"dateReserved": "2026-02-09T14:29:08.541Z",
"dateUpdated": "2026-03-06T15:34:24.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2074 (GCVE-0-2026-2074)
Vulnerability from cvelistv5 – Published: 2026-02-07 04:02 – Updated: 2026-02-23 09:29| URL | Tags |
|---|---|
| https://vuldb.com/?id.344640 | vdb-entry |
| https://vuldb.com/?ctiid.344640 | signaturepermissions-required |
| https://vuldb.com/?submit.745486 | third-party-advisory |
| https://vuldb.com/?submit.745489 | third-party-advisory |
| https://github.com/SourByte05/SourByte-Lab/issues/7 | exploitissue-tracking |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2074",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:24:33.129817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T15:24:44.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP POST Request Handler"
],
"product": "O2OA",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "9.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "sourbyte (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in O2OA up to 9.0.0. This impacts an unknown function of the file /x_program_center/jaxrs/mpweixin/check of the component HTTP POST Request Handler. The manipulation leads to xml external entity reference. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T09:29:26.009Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-344640 | O2OA HTTP POST Request check xml external entity reference",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.344640"
},
{
"name": "VDB-344640 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.344640"
},
{
"name": "Submit #745486 | \u6d59\u6c5f\u5170\u5fb7\u7eb5\u6a2a\u7f51\u7edc\u6280\u672f\u80a1\u4efd\u6709\u9650\u516c\u53f8 O2OA v6.1.0 \u81f3 v9.0.0 XML\u5b9e\u4f53\u6ce8\u5165\u6f0f\u6d1e",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.745486"
},
{
"name": "Submit #745489 | O2OA\u5f00\u53d1\u5e73\u53f0 O2OA v6.1.0 \u81f3 v9.0.0 XML\u5b9e\u4f53\u6ce8\u5165\u6f0f\u6d1e (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.745489"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/SourByte05/SourByte-Lab/issues/7"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-06T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-02-06T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-08T15:08:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "O2OA HTTP POST Request check xml external entity reference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-2074",
"datePublished": "2026-02-07T04:02:06.652Z",
"dateReserved": "2026-02-06T07:46:08.815Z",
"dateUpdated": "2026-02-23T09:29:26.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.