cbcvebase.

Hyland Alfresco Community vulnerabilities

4 known vulnerabilities affecting hyland/alfresco_community.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH2

Vulnerabilities

Page 1 of 1
CVE-2026-26339P2CRITICALCVSS 9.8fixed in 5.2.42026-02-19
CVE-2026-26339 [CRITICAL] CWE-918 CVE-2026-26339: Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execu Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.
nvd
CVE-2026-26338P3CRITICALCVSS 9.8fixed in 5.3.02026-02-19
CVE-2026-26338 [CRITICAL] CWE-918 CVE-2026-26338: Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side reque Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.
nvd
CVE-2026-26337P3HIGHCVSS 8.2fixed in 5.3.02026-02-19
CVE-2026-26337 [HIGH] CWE-36 CVE-2026-26337: Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary fi Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.
nvd
CVE-2026-26336P3HIGHCVSS 7.5fixed in 25.3.02026-02-19
CVE-2026-26336 [HIGH] CWE-863 CVE-2026-26336: Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files.
nvd
Hyland Alfresco Community vulnerabilities | cvebase