CVE Catalog
CVE-2026-48836
CriticalCVSS 10.0Exploitation Probability (EPSS)
Low risk0.57%
43th percentile — higher than 43% of all known CVEs
Summary
There is an unauthenticated remote code execution (RCE) vulnerability in Easy Invoice versions <= 2.1.19.
Risk Assessment
An attacker can remotely execute arbitrary code on the server, potentially leading to serious security breaches and data loss.
Recommendation
It is recommended to upgrade to the latest version of Easy Invoice to mitigate this vulnerability.
Original NVD description (English source)
Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions.

