PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-46686 emlog CVE debrief

CVE-2026-46686 is a reflected cross-site scripting vulnerability in Emlog 2.6.13 and earlier. The vulnerability exists in the admin backend user search module's keyword parameter, which is processed with addslashes but not HTML-escaped before being rendered into the value attribute in admin/views/user.php. This allows an attacker to inject malicious JavaScript code, potentially leading to reflected cross-site scripting attacks in an administrator's backend session. The vulnerability has a CVSS score of 8.5 and is considered HIGH severity.

Vendor
emlog
Product
Unknown
CVSS
HIGH 8.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-16
Original CVE updated
2026-07-16
Advisory published
2026-07-16
Advisory updated
2026-07-16

Who should care

Administrators and users of Emlog 2.6.13 and earlier versions should be aware of this vulnerability and take necessary precautions to prevent exploitation. This includes applying patches or updates as soon as they become available, implementing input validation and output encoding to prevent cross-site scripting attacks, and monitoring for suspicious activity.

Technical summary

The vulnerability is caused by the lack of proper HTML-escaping of user-input data in the keyword parameter of the admin backend user search module. This allows an attacker to inject malicious JavaScript code, potentially leading to reflected cross-site scripting attacks. The vulnerability affects Emlog 2.6.13 and earlier versions. Administrators and users of Emlog should be aware of this vulnerability and take necessary precautions to prevent exploitation.

Defensive priority

High

Recommended defensive actions

  • Apply patches or updates as soon as they become available.
  • Implement input validation and output encoding to prevent cross-site scripting attacks.
  • Monitor for suspicious activity and implement compensating controls to detect and prevent exploitation.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-07-16T18:16:44.063Z and last modified on 2026-07-16T19:16:47.260Z. The NVD entry is currently 8.5 HIGH. The vulnerability is a reflected cross-site scripting issue in the admin backend user search module's keyword parameter of Emlog 2.6.13 and earlier. The CVE record was sourced from nvd_modified. Defenders should verify the existence of affected product deployments and review official advisories for scope, severity, and guidance.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T18:16:44.063Z and has not been modified since then.