EUVD-2026-5807

🗓️ 08 Feb 2026 07:32:06Reported by EUVDType

WuKongCRM flaw up to 11.3.3 enables remote improper authorization via gateway handler; exploit public.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2026-2141	8 Feb 202607:32	–	attackerkb
CNNVD	WukongCRM 授权问题漏洞	8 Feb 202600:00	–	cnnvd
CVE	CVE-2026-2141	8 Feb 202607:32	–	cve
Cvelist	CVE-2026-2141 WuKongOpenSource WukongCRM URL PermissionServiceImpl.java improper authorization	8 Feb 202607:32	–	cvelist
NVD	CVE-2026-2141	8 Feb 202608:15	–	nvd
OPENSUSE Linux	python311-pyasn1-0.6.2-1.1 on GA media (moderate)	22 Jan 202600:00	–	opensuse
OSV	CVE-2026-2141	8 Feb 202608:15	–	osv
OSV	OPENSUSE-SU-2026:10078-1 python311-pyasn1-0.6.2-1.1 on GA media	21 Jan 202600:00	–	osv
Positive Technologies	PT-2026-3301	1 Jan 202600:00	–	ptsecurity
Positive Technologies	PT-2026-6968	21 Jan 202600:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "6f2f1fe0-1d35-3752-8bb2-bd0008927f40",
        "vendor": {
          "name": "WuKongOpenSource"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4d372a98-67b6-37ef-adf8-14023d84f7e0",
        "product": {
          "name": "WukongCRM"
        },
        "product_version": "11.3.1"
      },
      {
        "id": "7a5a01f4-7dc9-3f1c-bcab-2c3eb7351b28",
        "product": {
          "name": "WukongCRM"
        },
        "product_version": "11.3.0"
      },
      {
        "id": "97438ea3-5681-3078-b767-d87d76518f3c",
        "product": {
          "name": "WukongCRM"
        },
        "product_version": "11.3.3"
      },
      {
        "id": "b17a0948-5bf0-3626-8108-385669b6bc0c",
        "product": {
          "name": "WukongCRM"
        },
        "product_version": "11.3.2"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/SourByte05/SourByte-Lab/issues/8

08 Feb 2026 07:32Current

6Medium risk

Vulners AI Score6

CVSS 45.3

CVSS 3.16.3

CVSS 26.5

CVSS 36.3

EPSS0.0002

SSVC