CVE-2026-2701 - Vulnerability Analysis
CriticalCVSS: 9.1Last Updated: April 3, 2026
Unspecified Product - Remote Code Execution
Published: April 2, 2026Updated: April 3, 2026Remote Exploitable
Overview
An unspecified product contains an unrestricted file upload vulnerability caused by allowing authenticated users to upload and execute malicious files, letting attackers achieve remote code execution, exploit requires user authentication.
Severity & Score
Severity: Critical
CVSS Score: 9.1
Impact
Authenticated attackers can upload and execute malicious files, leading to remote code execution and full system compromise.
Mitigation
Update to the latest version or apply vendor patches to restrict file upload and execution.
References
Related Resources
Details
- CVE ID
- CVE-2026-2701
- Severity
- Critical
- CVSS Score
- 9.1
- Type
- unrestricted_file_upload
- Status
- unconfirmed
CWE
- CWE-78
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H