CVE-2026-11877 is a medium-severity vulnerability in OpenText Access Manager, allowing unauthorized users to modify configuration through API calls. This issue affects Access Manager before version 5.1.3. The vulnerability has a CVSS score of 6.3 and is considered a significant risk. OpenText has provided a vendor advisory for mitigation. Users of Access Manager should review their current version and con [truncated]
CVE-2017-5586 is a critical remote command execution issue in OpenText Documentum D2 4.x. According to the official record, a remote attacker can execute arbitrary commands by sending a crafted serialized Java object, with references to BeanShell and Apache Commons Collections libraries. Because the issue is network-reachable, requires no privileges, and needs no user interaction, exposed D2 instances sho [truncated]
CVE-2017-5585 is a high-severity remote authenticated injection issue in OpenText Documentum Content Server 7.3 when PostgreSQL is used and return_top_results_row_based is set to false. According to the NVD record, improper restriction of DQL hints can let an authenticated attacker perform DQL injection and execute arbitrary DML or DDL commands through a crafted request. The CVE description also notes thi [truncated]