What is CVE-2026-41468?

CVE-2026-41468 is a high-severity vulnerability in Beghelli Sicuroweb (Sicuro24), classified under CWE-1104. CVSS score: 8.7/10. Published 2026-04-22.

How severe is CVE-2026-41468?

High severity. CVSS v3 base score is 8.7 out of 10.

Vulnerability in Beghelli Sicuroweb (Sicuro24)

CVE-2026-41468

Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same application, these primitives allow attackers to escape the…

EPSS: 0.001 (22.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.7 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L.

Affected products

Beghelli Sicuroweb (Sicuro24) — versions 0

Weakness classification (CWE)

CWE-1104

References

www.boffsec-services.com/posts/sicuroweb-cve-2026-22191/ (technical-description, exploit)
github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-POC.py (exploit)
github.com/kmkz/Exploits/blob/master/2026/CVE-2026-22191-SicuroWeb-ATI-chain.txt (technical-description)
www.beghelli.it (product)
www.vulncheck.com/advisories/beghelli-sicuro24-sicuroweb-angularjs-sandbox-esca… (third-party-advisory)

Frequently asked questions

What is CVE-2026-41468?: CVE-2026-41468 is a high-severity vulnerability in Beghelli Sicuroweb (Sicuro24), classified under CWE-1104. CVSS score: 8.7/10. Published 2026-04-22.
How severe is CVE-2026-41468?: High severity. CVSS v3 base score is 8.7 out of 10.