CRITICAL
zyddnys
CVE published 2026-05-29
CVE-2026-10042
CVE-2026-10042 documents a critical remote code execution vulnerability in manga-image-translator, an open-source tool for translating text in manga images. The vulnerability exists in the shared API server mode, specifically within the share.py module, where two HTTP endpoints—/execute/{method_name} and /simple_execute/{method_name}—unsafely deserialize attacker-controlled request bodies using Python's p [truncated]