Vendor
high
advisory
Connect-CMS Code Study Plugin Arbitrary Code Execution
2 rules 1 TTPAn authenticated user of the Connect-CMS Code Study Plugin can execute arbitrary code due to a vulnerability (CVE-2026-32276) in versions 1.x before 1.41.1 and 2.x before 2.41.1, potentially leading to code execution on the server or information disclosure.
Connect-CMS
code-execution
vulnerability
2r
1t
high
advisory
Connect CMS Improper Authorization Vulnerability
2 rules 1 TTPAn improper authorization vulnerability in Connect CMS allows authenticated users to modify arbitrary user profile information, potentially leading to account takeover and unauthorized data modification on affected versions 1.x <= 1.41.0 and 2.x <= 2.41.0.
Connect CMS
connect-cms
authorization
account-takeover
web-application
2r
1t