What is CVE-2026-6797?

CVE-2026-6797 is a medium-severity vulnerability in Sanluan Publiccms, classified under Uncontrolled Resource Consumption. CVSS score: 4.3/10. Published 2026-04-21.

How severe is CVE-2026-6797?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Resource exhaustion in Sanluan Publiccms

CVE-2026-6797

A vulnerability was identified in Sanluan PublicCMS up to 6.202506.d. Affected by this vulnerability is the function ZipSecureFile.setMinflateRatio of the file common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java. Such manip…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.000 (14.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:X.

Affected products

Sanluan Publiccms — versions 6.202506.a, 6.202506.b, 6.202506.c

Weakness classification (CWE)

References

VDB-358491 | Sanluan PublicCMS DocToHtmlUtils.java ZipSecureFile.setMinflateRatio resource consumption (vdb-entry, technical-description)
VDB-358491 | CTI Indicators (IOB, IOC, TTP, IOA) (signature, permissions-required)
Submit #794798 | PublicCMS V6.202506.d Improper Handling of Highly Compressed Data (Data Amplification) (third-party-advisory)

Frequently asked questions

What is CVE-2026-6797?: CVE-2026-6797 is a medium-severity vulnerability in Sanluan Publiccms, classified under Uncontrolled Resource Consumption. CVSS score: 4.3/10. Published 2026-04-21.
How severe is CVE-2026-6797?: Medium severity. CVSS v3 base score is 4.3 out of 10.