Vulnerability in Craftercms

CVE-2026-1770

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may…

EPSS: 0.004 (34.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References