XXE in Slovensko.digital Autogram
CVE-2026-3511
Improper Restriction of XML External Entity Reference vulnerability in XMLUtils.java in Slovensko.Digital Autogram allows remote unauthenticated attacker to conduct SSRF (Server Side Request Forgery) attacks and obtain unauthorized access…
Vulnerability class: XXE (XML External Entity)
EPSS: 0.001 (20.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N.
Affected products
- Slovensko.digital Autogram — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-3511?
- CVE-2026-3511 is a high-severity vulnerability in Slovensko.digital Autogram, classified under Improper Restriction of XML External Entity Reference (XXE). CVSS score: 8.6/10. Published 2026-03-19.
- How severe is CVE-2026-3511?
- High severity. CVSS v3 base score is 8.6 out of 10.