PatchSiren

MacCMS CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW MacCMS CVE published 2026-07-13

CVE-2026-15516

A vulnerability was detected in MacCMS Pro up to 2022.1000.3005. The function step5 of the file application/install/controller/Index.php of the component Installation Module is impacted, leading to authorization bypass. The attack may be launched remotely with high complexity and is considered difficult to exploit. Upgrading to version 2022.1000.3025 is recommended. This vulnerability has a CVSS score of [truncated]