CVE Catalog

CVE-2026-48836

CriticalCVSS 10.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.57%

43th percentile — higher than 43% of all known CVEs

Summary

There is an unauthenticated remote code execution (RCE) vulnerability in Easy Invoice versions <= 2.1.19.

Risk Assessment

An attacker can remotely execute arbitrary code on the server, potentially leading to serious security breaches and data loss.

Recommendation

It is recommended to upgrade to the latest version of Easy Invoice to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS