Wem-Project Wem vulnerabilities
2 known vulnerabilities affecting wem-project/wem.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2026-22789P2HIGHCVSS 8.8v1.182026-01-12
CVE-2026-22789 [HIGH] CVE-2026-22789: WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, WebErpMesv2 contains a file upload validation bypass vulnerability in multiple controllers that allows authenticated users to upload arbitrary files, including PHP scripts, leading to Remote Code Execution (RCE). This vulnerability is identical in nature t
nvd
CVE-2026-22788P2HIGHCVSS 8.2fixed in 1.192026-01-12
CVE-2026-22788 [HIGH] CWE-306 CVE-2026-22788: WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1
WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies, quotes, orders, tasks, and whiteboards. Limited write ac
nvd