Ctrl + K
/ news / CVE
CVEPublished 2026-06-07Modified 2026-06-080 articles on news5 live referencesNVD data

CVE-2026-11457

Vulnerability data via NVD (ingested)

CVSS v3.1
7.3
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS percentile
15
Exploit Prediction Scoring System · top 85% of all CVEs
Weaknesses (CWE)
CWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CWE-707Improper Neutralization
Description

A security flaw has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This vulnerability affects unknown code of the file /base-boot/jmreport/testConnection of the component JimuReport test-connection Endpoint. Performing a manipulation of the argument dbType/dbDriver/dbUrl/dbUsername/dbPassword results in injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.

Timeline
Published 2026-06-07
Modified 2026-06-08

External references

NVDMITREExploit-DBSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-11457
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2026-11457
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-11457
Censys host search filtered to this CVE id.
grep.app
CVE-2026-11457
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-11457
GitHub code search for direct mentions.
Google dork
"CVE-2026-11457" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub (5)

CVE-2026-114575 repos
Xuchen-Li/cv-arxiv-dailyPython
Automatically update arXiv papers about SOT & VLT, Multi-modal Learning, LLM and Video Understanding using Github Actions.
★ 46·updated today
XuzhaoLi/ro-arxiv-dailyPython
Automatically Update Arxiv Papers about Path Planning, LLM and Autonomous Driving using Github Actions since 2024.2.
★ 37·updated today
cnlinxi/LLM-paper-dailyPython
Automatically Update LLM Papers Daily using Github Actions. Ref: https://github.com/Vincentqyw/cv-arxiv-daily
★ 10·updated today
somegg90-blip/Vyala-Microsoft-agentsPython
An enterprise multi-agent system that scans an organisation's codebase for post-quantum cryptography (PQC) vulnerabilities
★ 1·updated today
cmivqa/ro-arxiv-dailyPython
Automatically Update Arxiv Papers Daily using Github Actions (Update Every 8th hours)
★ 1·updated today
We haven't classified any articles referencing CVE-2026-11457 yet. The external references above still apply.