CVE-2026-11621EPSS p12.1%

CVE-2026-11621CVE-2026-11621

Description

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Scoring

CVSS 4.7 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
EPSS0.22% probability of exploitation · percentile 12.1% · 2026-06-18T12:00:27Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-65656
CVE
CVE-2026-0566
CVE
CVE-2025-13030
CVE
CVE-2026-2133
CVE
CVE-2025-4291
CVE
CVE-2026-2684
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.