CVE Catalog

CVE-2026-38615

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

5th percentile — higher than 5% of all known CVEs

Summary

DedeCMS version 5.7.118 is vulnerable to Command Execution in file_manage_control.php.

Risk Assessment

Exploitation of this vulnerability could lead to unauthorized access and control over the system by an attacker.

Recommendation

It is recommended to update DedeCMS to the latest version to mitigate this vulnerability.

Original NVD description (English source)

DedeCMS V5.7.118 is vulnerable to Command Execution in file_manage_control.php.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS