Fastcms

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-26682 HIGH POC This Week

Fastcms versions prior to 0.1.6 contain a code injection vulnerability in the PluginController component that allows local attackers with user-level privileges to execute arbitrary code with full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available. Java environments running affected Fastcms instances are at risk of privilege escalation and complete system takeover.

Java Fastcms
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-3177 LOW POC Monitor

A vulnerability was found in FastCMS 0.1.5. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Fastcms
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.3%
CVE-2025-2593 MEDIUM POC This Month

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Fastcms
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1332 MEDIUM POC This Month

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Fastcms
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-26682
EPSS 0% CVSS 7.8
HIGH POC This Week

Fastcms versions prior to 0.1.6 contain a code injection vulnerability in the PluginController component that allows local attackers with user-level privileges to execute arbitrary code with full system compromise. Public exploit code exists for this vulnerability, and no patch is currently available. Java environments running affected Fastcms instances are at risk of privilege escalation and complete system takeover.

Java Fastcms
NVD GitHub
CVE-2025-3177
EPSS 0% CVSS 2.3
LOW POC Monitor

A vulnerability was found in FastCMS 0.1.5. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Fastcms
NVD GitHub VulDB
CVE-2025-2593
EPSS 0% CVSS 5.3
MEDIUM POC This Month

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Fastcms
NVD GitHub VulDB
CVE-2025-1332
EPSS 0% CVSS 4.8
MEDIUM POC This Month

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Fastcms
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy