PatchSiren

Hyland CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL Hyland CVE published 2026-07-01

CVE-2026-58127

PACSgear MediaWriter 5.2.1 is vulnerable to unauthenticated remote code execution via a .NET Remoting TCP service on port 9000. The service, registered with ObjectURIs RemoteObj and UIRemoteObj, lacks authentication. An attacker can exploit this using the MarshalByRefObject object unmarshalling technique and .NET WebClient class methods to read and write arbitrary files. Chaining this with DLL hijacking i [truncated]