What is CVE-2026-4239?

CVE-2026-4239 is a low-severity vulnerability in Lagom Whmcs Template, classified under Code Injection. CVSS score: 3.5/10. Published 2026-03-16.

How severe is CVE-2026-4239?

Low severity. CVSS v3 base score is 3.5 out of 10.

RCE in Lagom Whmcs Template

CVE-2026-4239

A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an unknown function of the component Datatables. The manipulation results in improperly controlled modification of object prototype attributes. It is possible to la…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.001 (16.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N.

Affected products

Lagom Whmcs Template — versions 2.3.0, 2.3.1, 2.3.2

Weakness classification (CWE)

References

VDB-351181 | Lagom WHMCS Template Datatables prototype pollution (vdb-entry)
VDB-351181 | CTI Indicators (IOB, IOC, TTP) (signature, permissions-required)
Submit #771350 | Lagom Lagom WHMCS Template * Prototype Pollution (third-party-advisory)
cna@vuldb.com (exploit)
cna@vuldb.com (exploit)

Frequently asked questions

What is CVE-2026-4239?: CVE-2026-4239 is a low-severity vulnerability in Lagom Whmcs Template, classified under Code Injection. CVSS score: 3.5/10. Published 2026-03-16.
How severe is CVE-2026-4239?: Low severity. CVSS v3 base score is 3.5 out of 10.