
EUVD-2026-20756

| CVE-2026-3199 CRITICAL
Deserialization of Untrusted Data (CWE-502)
9.4
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
9.4 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

Patch released: Apr 09, 2026 - 02:30 (nvd); patch available
EUVD ID Assigned: Apr 08, 2026 - 23:24 (euvd); EUVD-2026-20756
Analysis Generated: Apr 08, 2026 - 23:24 (vuln.today)
CVE Published: Apr 08, 2026 - 23:16 (nvd)

Description (CVE.org)

A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.

Analysis (AI)

Remote code execution in Sonatype Nexus Repository 3.22.1-3.90.2 allows authenticated attackers with task creation permissions to execute arbitrary code via unsafe deserialization in the task management component. Exploitation bypasses the nexus.scripts.allowCreation security control, granting unauthorized code execution on the server. …


Attack Chain (AI derived)

Hypothetical attack flow derived from CVE metadata

Access: Authenticate to Nexus Repository
Exploit: Access task management component
Execution: Create malicious task bypassing nexus.scripts.allowCreation
Impact: Execute arbitrary code on server

Vulnerability Assessment (AI)

Exploitation: Requires authenticated access to Sonatype Nexus Repository 3.22.1–3.90.2 with task creation permissions. …
Risk Assessment: Critical severity for organizations running Nexus Repository 3.22.1-3.90.2 with task creation permissions assigned to standard users. …
Exploit Scenario: An authenticated attacker with task creation permissions crafts a malicious serialized task object via the task management API. Deserialization during task processing (CWE-502) triggers arbitrary code execution, achieving RCE without invoking nexus.scripts.allowCreation. …
Remediation: Vendor-released patch: upgrade to Sonatype Nexus Repository 3.91.0 or later, which addresses the deserialization vulnerability per the official release notes (https://help.sonatype.com/en/sonatype-nexus-repository-3-91-0-release-notes.html). …

Recommended Action (AI)

Within 24 hours: Identify all Nexus Repository instances running versions 3.22.1-3.90.2 and document task creation permission assignments. …
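As an added example (not part of this advisory record or of Sonatype's tooling), a small Python triage helper for the inventory step above: it classifies Nexus version strings against the 3.22.1-3.90.2 affected range and the 3.91.0 fix stated on this page, and ranks instances where non-admin roles hold task creation privileges first. The privilege ids (nx-tasks-create, nx-tasks-all, nx-all), the "-NN" build suffix in version strings, and the inventory itself are assumptions and constructed sample data, not values from this page.

```python
import re

# Version boundaries stated in the advisory on this page.
AFFECTED_MIN = (3, 22, 1)
AFFECTED_MAX = (3, 90, 2)
FIXED = (3, 91, 0)

# Nexus reports versions like "3.70.1-02"; the "-02" build suffix is ignored here
# (assumption about the vendor's numbering, not taken from this page).
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-\d+)?$")

# Privilege ids that grant task creation. Assumed identifiers for illustration;
# confirm against the privilege list of your own instance.
TASK_CREATE_PRIVS = {"nx-tasks-create", "nx-tasks-all", "nx-all"}

def parse_nexus_version(text):
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Nexus version: {text!r}")
    return tuple(int(x) for x in m.groups())

def classify_version(text):
    v = parse_nexus_version(text)
    if v >= FIXED:
        return "fixed"
    if AFFECTED_MIN <= v <= AFFECTED_MAX:
        return "affected"
    return "not-listed"  # older than 3.22.1 or between 3.90.2 and 3.91.0: check with vendor

def roles_with_task_creation(roles):
    """roles: mapping of role name -> set of privilege ids; returns roles that can create tasks."""
    return sorted(r for r, privs in roles.items() if privs & TASK_CREATE_PRIVS)

def triage(instance):
    """P1: affected version and a non-admin role can create tasks; P2: affected; P3: otherwise."""
    status = classify_version(instance["version"])
    creators = roles_with_task_creation(instance["roles"])
    exposed = [r for r in creators if r != "nx-admin"]
    priority = "P1" if status == "affected" and exposed else "P2" if status == "affected" else "P3"
    return {"host": instance["host"], "status": status, "task_creators": creators, "priority": priority}

# Constructed sample inventory (fictional hosts and role assignments).
SAMPLE_INVENTORY = [
    {"host": "nexus-a.example.test", "version": "3.70.1-02",
     "roles": {"nx-admin": {"nx-all"}, "ci-bots": {"nx-tasks-create", "nx-repository-view-*-*-read"}}},
    {"host": "nexus-b.example.test", "version": "3.91.0-01", "roles": {"nx-admin": {"nx-all"}}},
    {"host": "nexus-c.example.test", "version": "3.90.2-01",
     "roles": {"nx-admin": {"nx-all"}, "developers": {"nx-repository-view-*-*-*"}}},
]
```

Running `[triage(i) for i in SAMPLE_INVENTORY]` ranks nexus-a as P1 (affected build, CI role can create tasks), nexus-c as P2 and the patched nexus-b as P3.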




EUVD-2026-20756 vulnerability details – vuln.today
