80 matches found

Cvelist
added 2026/05/15 4:13 p.m., 34 views

CVE-2026-41258 OpenMRS: Stored Velocity SSTI to RCE via ConceptReferenceRange

OpenMRS is an open source electronic medical record system platform. From 2.7.0 to before 2.7.9 and 2.8.6, the ConceptReferenceRangeUtility.evaluateCriteria method in OpenMRS Core evaluates database-stored criteria strings as Apache Velocity templates without any sandbox configuration. The...

9.1 CVSS, 0.00057 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/15 4:13 p.m., 5 views

CVE-2026-41258

OpenMRS is an open source electronic medical record system platform. From 2.7.0 to before 2.7.9 and 2.8.6, the ConceptReferenceRangeUtility.evaluateCriteria method in OpenMRS Core evaluates database-stored criteria strings as Apache Velocity templates without any sandbox configuration. The...

9.1 CVSS, 5.8 AI score, 0.00057 EPSS
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2026/05/04 7:31 p.m., 2 views

GHSA-XJ4F-8JJG-VX4Q OpenMRS has Stored Velocity SSTI to RCE via ConceptReferenceRange

Impact: The ConceptReferenceRangeUtility.evaluateCriteria method in OpenMRS Core evaluates database-stored criteria strings as Apache Velocity templates without any sandbox configuration. The VelocityEngine is initialized with only logging properties and no SecureUberspector, leaving the default...

9.1 CVSS, 6.4 AI score, 0.00057 EPSS
Exploits: 0, References: 5

Positive Technologies
added 2026/05/04 12:0 a.m., 4 views

PT-2026-36946

Name of the Vulnerable Software and Affected Versions: openmrs-api versions prior to 2.7.9; openmrs-api versions prior to 2.8.6. Description: Server-side template injection (SSTI) occurs via Velocity, which allows for remote code execution (RCE). SSTI is a flaw where an attacker can inject malicious code...

9.1 CVSS, 6.5 AI score, 0.00057 EPSS
Exploits: 0, References: 12

Positive Technologies
added 2026/05/04 12:0 a.m., 5 views

PT-2026-37100

Name of the Vulnerable Software and Affected Versions: OpenMRS Core versions prior to 2.7.9; OpenMRS Core versions 2.8.0 through 2.8.5. Description: The '/openmrs/moduleResources/moduleid' endpoint is susceptible to a path traversal attack. This occurs because the ModuleResourcesServlet uses the...

8.2 CVSS, 5.9 AI score, 0.00088 EPSS
Exploits: 1, References: 7

RedhatCVE
added 2026/03/27 10:51 p.m., 6 views

CVE-2026-33486

Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web...

6.8 CVSS, 5.9 AI score, 0.00014 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2026/03/26 3:18 p.m., 0 views

CVE-2026-32332

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Form: from n/a through <= 2.7.9...

5.3 CVSS, 5.8 AI score, 0.00042 EPSS
Exploits: 0, References: 1

NVD
added 2026/03/25 5:16 p.m., 2 views

CVE-2026-25327

Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations restaurant-reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through <= 2.7.9...

6.5 CVSS, 0.00057 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/03/25 12:0 a.m., 1 views

PT-2026-27899

Name of the Vulnerable Software and Affected Versions: Rustaurius Five Star Restaurant Reservations versions through 2.7.9. Description: An authorization issue exists in Rustaurius Five Star Restaurant Reservations restaurant-reservations, allowing exploitation due to incorrectly configured access...

6.5 CVSS, 5.9 AI score, 0.00057 EPSS
Exploits: 0, References: 3

Patchstack
added 2026/03/23 2:28 p.m., 3 views

WordPress Five Star Restaurant Reservations plugin <= 2.7.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by johska in WordPress Plugin Five Star Restaurant Reservations versions <= 2.7.9...

6.5 CVSS, 5.8 AI score, 0.00057 EPSS
Exploits: 0, Affected Software: 1

EUVD
added 2026/03/13 9:31 p.m., 0 views

EUVD-2026-11808

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Form: from n/a through <= 2.7.9...

5.8 AI score, 0.00042 EPSS
Exploits: 0, References: 2

NVD
added 2026/03/13 7:54 p.m., 1 views

CVE-2026-32332

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Form: from n/a through <= 2.7.9...

5.3 CVSS, 0.00042 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/03/13 11:41 a.m., 22 views

CVE-2026-32332 WordPress Easy Form plugin <= 2.7.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Form: from n/a through <= 2.7.9...

5.3 CVSS, 0.00042 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/03/13 11:41 a.m., 0 views

CVE-2026-32332

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Form: from n/a through <= 2.7.9...

5.8 AI score, 0.00042 EPSS
Exploits: 0, References: 2

NVD
added 2026/01/23 3:16 p.m., 3 views

CVE-2026-24583

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9...

5.3 CVSS, 0.00077 EPSS
Exploits: 0, References: 1

ATTACKERKB
added 2026/01/23 2:28 p.m., 2 views

CVE-2026-24583

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9...

5.3 CVSS, 5.9 AI score, 0.00077 EPSS
Exploits: 0, References: 2

Cvelist
added 2026/01/23 2:28 p.m., 31 views

CVE-2026-24583 WordPress SumUp Payment Gateway For WooCommerce plugin <= 2.7.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9...

5.3 CVSS, 0.00077 EPSS
Exploits: 0, References: 1

CVE
added 2026/01/23 2:28 p.m., 6 views

CVE-2026-24583

CVE-2026-24583 is a Missing Authorization (Broken Access Control) vulnerability in the WordPress plugin SumUp Payment Gateway For WooCommerce, affecting versions through 2.7.9. The issue stems from incorrectly configured access control security levels, enabling unauthorized access to certain oper...

5.3 CVSS, 5.4 AI score, 0.00077 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2026/01/23 2:28 p.m., 2 views

CVE-2026-24583 WordPress SumUp Payment Gateway For WooCommerce plugin <= 2.7.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in sumup SumUp Payment Gateway For WooCommerce sumup-payment-gateway-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SumUp Payment Gateway For WooCommerce: from n/a through <= 2.7.9...

5.3 CVSS, 5.9 AI score, 0.00077 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2026/01/23 12:0 a.m., 1 views

PT-2026-4421

Name of the Vulnerable Software and Affected Versions: SumUp Payment Gateway For WooCommerce versions through 2.7.9. Description: The SumUp Payment Gateway For WooCommerce has a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access...

5.3 AI score, 0.00077 EPSS
Exploits: 0, References: 3