CVE-2026-55247
AI description
CVE-2026-55247 is a recently reserved vulnerability identifier, with details published on June 23, 2026. This CVE is associated with a Denial of Service (DoS) vulnerability that can be triggered through iCalendar import functionality. The affected component is `plone.app.event`, where the vulnerability allows for a denial of service.
- Description
- -
- Hype score
- Not currently trending
⚠️⚠️ CVE-2026-57149 (CVSS 9.9) + CVE-2026-55247 (CVSS 9.1) + CVE-2026-55248 (CVSS 9.1): Plone patch bundle — Classic portlet TALES injection to RCE (auth + portlet mgmt required) plus https://t.co/OiyJHJii9P.event DoS/SSRF/XSS issues. 🔗FOFA Link: https://t.co/BAScQ0W
@fofabot
3 Jul 2026
3558 Impressions
6 Retweets
17 Likes
2 Bookmarks
0 Replies
0 Quotes
Plone CMSに重大(Critical)な脆弱性。CVE-2026-57149はCVSSスコア9.9で、TALESインジェクションによる遠隔コード実行。CVE-2026-55247とCVE-2026-55248は双方CVSSスコア9.1で、それぞれiCal及びRSSからDoS、SSRF、及びXSSが可能。修正版
@__kokumoto
1 Jul 2026
489 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes