EUVD-2026-16629

🗓️ 27 Mar 2026 15:30:26Reported by EUVDType

MingSoft Content Management System up to version five point five zero enables remote server-side forgery via catchImage.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-4953	27 Mar 202614:13	–	attackerkb
Circl	CVE-2026-4953	27 Mar 202617:22	–	circl
CNNVD	MingSoft MCMS 安全漏洞	27 Mar 202600:00	–	cnnvd
CVE	CVE-2026-4953	27 Mar 202614:13	–	cve
Cvelist	CVE-2026-4953 mingSoft MCMS Editor Endpoint BaseAction.java catchImage server-side request forgery	27 Mar 202614:13	–	cvelist
NVD	CVE-2026-4953	27 Mar 202615:17	–	nvd
Positive Technologies	PT-2026-28679	27 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-4953	28 Mar 202616:59	–	redhatcve
Vulnrichment	CVE-2026-4953 mingSoft MCMS Editor Endpoint BaseAction.java catchImage server-side request forgery	27 Mar 202614:13	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "88e6d61d-10ca-3ea5-9b8c-31efec469892",
        "vendor": {
          "name": "Mingsoft"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "006e7605-d0ea-3b46-80fd-acb95b486333",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.2"
      },
      {
        "id": "1500d8d2-9809-3232-b24b-9696d0d0ae3c",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.0"
      },
      {
        "id": "1d53bfa5-6aca-30dd-8ab3-ced5a4edcc51",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.3"
      },
      {
        "id": "68f043a0-d9ec-3f74-8602-a541a5d5837f",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.5.0"
      },
      {
        "id": "8b8785fd-d411-33aa-9d61-1698dda30d96",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.1"
      },
      {
        "id": "deea08d7-4233-3484-8c0a-e34f28f2dc1e",
        "product": {
          "name": "MCMS"
        },
        "product_version": "5.4"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/wing3e/public_exp/issues/3
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-4953

27 Mar 2026 15:30Current

5.6Medium risk

Vulners AI Score5.6

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00057