What is the CVSS score of EUVD-2026-30773?

EUVD-2026-30773 has a CVSS 3.1 base score of 7.3 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. EPSS exploitation probability: 0.1%.

Which versions of Offline Hospital Management System are affected by EUVD-2026-30773?

Offline Hospital Management System 5.3.0 contains a remote code execution vulnerability enabling unauthenticated attackers to execute arbitrary system commands, directly threatening operational…

Offline Hospital Management System EUVD-2026-30773

| CVE-2026-26462 HIGH

Improper Neutralization of Special Elements used in an Expression Language Statement (CWE-917)

2026-05-18 mitre

GHSA-53vh-ccq9-xwq5

RCE Node.js

7.3

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Lifecycle Timeline

Analysis Generated

May 19, 2026 - 14:22 vuln.today

CVSS changed

May 19, 2026 - 14:22 NVD

7.3 (HIGH)

CVE Published

May 18, 2026 - 00:00 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrary operating system commands.

AnalysisAI

Remote code execution in Offline Hospital Management System 5.3.0 stems from an insecure Electron renderer configuration where Node.js integration is enabled while context isolation is disabled, allowing JavaScript in the renderer to invoke Node.js APIs and run arbitrary OS commands. The flaw carries a CVSS 7.3 with network attack vector and no privileges required, though EPSS is low at 0.06% and no public exploit identified at time of analysis beyond a Medium write-up describing the technique.

RemediationAI

24 HOURS: Conduct inventory of systems running OHMS 5.3.0; restrict network access and isolate non-critical deployments; apply all available Electron framework security patches. 7 DAYS: Implement network segmentation limiting system accessibility; disable Node.js integration in Electron renderer configuration where operationally feasible; enable context isolation. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-30773 vulnerability details – vuln.today

Back