CVE Catalog

CVE-2026-40721

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

Versions of Element Pack Pro up to 9.0.6 are vulnerable to local file inclusion, potentially allowing attackers to access sensitive data on the server.

Risk Assessment

Organizations may be exposed to data leaks or unauthorized access to systems, which can lead to serious legal and financial consequences.

Recommendation

It is recommended to update Element Pack Pro to the latest version to mitigate this vulnerability.

Original NVD description (English source)

Contributor Local File Inclusion in Element Pack Pro <= 9.0.6 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS