3 matches found
Exploit for CVE-2026-6807
This is functional proof of concept code based on the CISA discl...
CVE-2026-6807 NSA GRASSMARLIN Improper Restriction of XML External Entity Reference
A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to trigger improper handling of XML input, which may result in unintended exposure of sensitive information. The flaw stems from insufficient hardening of the XML parsing process...
PT-2026-35811
Name of the Vulnerable Software and Affected Versions GRASSMARLIN versions prior to 3.2.1 GRASSMARLIN version 3.2.1 Description Improper handling of XML input occurs due to insufficient hardening of the XML parsing process. This allows crafted session data, specifically within session files .gm3,...