CVE-2026-46390EPSS p15.8%

CVE-2026-46390CVE-2026-46390

Description

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history. Version 26.0.0 patches the issue.

Scoring

EPSS0.25% probability of exploitation · percentile 15.8% · 2026-06-18T12:00:27Z
Last modified2026-06-09

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-46399
CVE
CVE-2026-46393
CVE
CVE-2026-46394
CVE
CVE-2026-46396
CVE
CVE-2026-46391
CVE
CVE-2026-46398
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.