Skip to content
Threat Feed

Tag

Cve-2026-30643

1 brief RSS
critical advisory

DedeCMS 5.7.118 Code Injection Vulnerability via Crafted Module Upload (CVE-2026-30643)

DedeCMS 5.7.118 is vulnerable to remote code execution via crafted setup tag values during a module upload, as exploited by an unauthenticated attacker (CVE-2026-30643).

dedecms code-injection cve-2026-30643
2r 1t 1c