Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/20 6:18 p.m.6 views

CVE-2026-23836

HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2...

9.9CVSS6AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2026/01/19 6:6 p.m.17 views

CVE-2026-23836

HotCRP (conference review software) is affected by CVE-2026-23836. A flaw introduced in April 2024 in version 3.1 enables inadequately sanitized code generation for HotCRP formulas, allowing the execution of arbitrary PHP code (remote code execution). This issue impacts HotCRP 3.1 and is mitigate...

9.9CVSS6AI score0.00392EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/19 6:6 p.m.14 views

CVE-2026-23836 HotCRP vulnerable to remote code execution through formulas

HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2...

9.9CVSS0.00392EPSS
Exploits0References3
OSV
OSV
added 2026/01/19 6:6 p.m.5 views

CVE-2026-23836 HotCRP vulnerable to remote code execution through formulas

HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2...

9.9CVSS6AI score0.00392EPSS
Exploits0References5
Rows per page
Query Builder