LOW
Bv3acdnplbr
CVE published 2026-05-09
CVE-2026-8211
CVE-2026-8211 is a code-injection issue reported in codelibs Fess up to 15.5.1. The source describes an affected update function in the admin design/JSP file handler path, where manipulating the content argument can lead to code injection from a remote attacker with the required privileges. The supplied record also says a public exploit exists and that the vendor did not respond to early disclosure outreach.