CVE-2026-2101

🗓️ 16 Feb 2026 16:02:37Reported by 3DSType

Reflected cross site scripting vulnerability in ENOVIA VPM Web Access affects versions sixteen to nineteen.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-2101	16 Feb 202616:02	–	attackerkb
Circl	CVE-2026-2101	16 Feb 202622:34	–	circl
CNNVD	Dassault Systèmes ENOVIAvpm Web Access 安全漏洞	16 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-2101 Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Release 19	16 Feb 202616:02	–	cvelist
NVD	CVE-2026-2101	16 Feb 202617:18	–	nvd
Positive Technologies	PT-2026-8358	16 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-2101	17 Feb 202619:24	–	redhatcve
Vulnrichment	CVE-2026-2101 Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Release 19	16 Feb 202616:02	–	vulnrichment

[
  {
    "vendor": "Dassault Systèmes",
    "product": "ENOVIAvpm Web Access",
    "versions": [
      {
        "status": "affected",
        "version": "ENOVIAvpm V1R16 Golden",
        "lessThanOrEqual": "ENOVIAvpm V1R16 SP6",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "ENOVIAvpm V1R17 Golden",
        "lessThanOrEqual": "ENOVIAvpm V1R17 SP5",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "ENOVIAvpm V1R18 Golden",
        "lessThanOrEqual": "ENOVIAvpm V1R18 SP3",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "ENOVIAvpm V1R19 Golden",
        "lessThanOrEqual": "ENOVIAvpm V1R19 SP1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
3ds	www.3ds.com/trust-center/security/security-advisories/cve-2026-2101

15 Apr 2026 00:35Current

6Medium risk

Vulners AI Score6

CVSS 3.18.7

EPSS0.00044

SSVC

CWE-79