Threats Tagged 'cve-2026-3955'
View all threats tagged with 'cve-2026-3955'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-3955'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-3955: Code Injection in elecV2PCVE-2026-3955 0 CVE-2026-3955 is a medium-severity code injection vulnerability affecting elecV2P versions up to 3.8.3. The flaw exists in the runJSFile function within the jsfile endpoint, allowing remote attackers to inject and execute arbitrary code without authentication or user interaction. Although the vulnerability has a CVSS score of 5.3, exploitation requires low privileges but no user interaction, and impacts confidentiality, integrity, and availability to a limited extent. The vulnerability was responsibly disclosed but remains unpatched as of the publication date. No known exploits are currently observed in the wild. Organizations using elecV2P should prioritize mitigating this risk due to the potential for remote code execution. Countries with significant elecV2P usage and strategic interest in automation or IoT deployments are most at risk. Join the discussion | CVE Database V5 | 03/11/2026, 20:32:08 UTC Added: 03/11/2026, 20:44:50 UTC |
Showing 1 to 1 of 1 result