What is CVE-2026-26462?

CVE-2026-26462 is a high-severity vulnerability in N/a, classified under Improper Neutralization of Special Elements used in an Expression Language Statement (Expression Language Injection). CVSS score: 7.3/10. Published 2026-05-18.

How severe is CVE-2026-26462?

High severity. CVSS v3 base score is 7.3 out of 10.

RCE in N/a

CVE-2026-26462

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the re…

Vulnerability class: Log4Shell (CVE-2021-44228)

EPSS: 0.003 (56.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

N/a — versions n/a

Weakness classification (CWE)

CWE-917 — Improper Neutralization of Special Elements used in an Expression Language Statement (Expression Language Injection)

References

Frequently asked questions

What is CVE-2026-26462?: CVE-2026-26462 is a high-severity vulnerability in N/a, classified under Improper Neutralization of Special Elements used in an Expression Language Statement (Expression Language Injection). CVSS score: 7.3/10. Published 2026-05-18.
How severe is CVE-2026-26462?: High severity. CVSS v3 base score is 7.3 out of 10.