cbcvebase.
CVE-2026-9645
published 2026-05-28

CVE-2026-9645: Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling…

PriorityP265critical9.9CVSS 3.1
AVNACLPRLUINSCCHIHAH
EPSS
0.32%
23.3th percentile
Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root.

Affected

1 ranges
VendorProductVersion rangeFixed in
scadabrscadabr
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.