CVE-2026-35056
Summary (supported by connected docs): XenForo versions before 2.3.9 and before 2.2.18 are affected by a remote code execution (RCE) vulnerability exploitable by authenticated, malicious admins who have access to the admin panel. The attacker can execute arbitrary code on the server. The referenc...