Wem

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-22789 MEDIUM PATCH This Month

WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. [CVSS 5.4 MEDIUM]

PHP RCE Wem
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-22788 HIGH POC PATCH This Week

WebErpMesV2 versions prior to 1.19 expose unauthenticated API endpoints that allow remote attackers to read sensitive manufacturing and business data including orders, quotes, and tasks without credentials. Public exploit code exists for this vulnerability, and attackers can additionally create company records and manipulate collaboration whiteboards. A patch is available in version 1.19 and should be applied immediately to restrict API access.

Authentication Bypass Wem
NVD GitHub
CVSS 3.1
8.2
EPSS
0.3%
CVE-2026-22789
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. [CVSS 5.4 MEDIUM]

PHP RCE Wem
NVD GitHub
CVE-2026-22788
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

WebErpMesV2 versions prior to 1.19 expose unauthenticated API endpoints that allow remote attackers to read sensitive manufacturing and business data including orders, quotes, and tasks without credentials. Public exploit code exists for this vulnerability, and attackers can additionally create company records and manipulate collaboration whiteboards. A patch is available in version 1.19 and should be applied immediately to restrict API access.

Authentication Bypass Wem
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy