CVE-2026-14261
Last modified
CVE-2026-14261 is a critical-severity vulnerability rated 9.1/10 on the CVSS scale. A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control..
Description
A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| Xerte | Xerte Online Tools | < 3.14.6 |
| Xerte | Xerte Online Tools | < 3.15.5 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14261?
How severe is CVE-2026-14261?
How do I fix CVE-2026-14261?
Related CVEs from 2026
- CVE-2026-14245The miniOrange OTP Login, Verification and SMS Notifications…9.8
- CVE-2026-14249The Request a Quote plugin for WordPress is vulnerable to Co…7.5
- CVE-2026-1425A security flaw has been discovered in pymumu SmartDNS up to…6.3
- CVE-2026-14250The Themehunk Login Registration plugin for WordPress is vul…6.3
- CVE-2026-14258A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router …6.5
- CVE-2026-1426The Advanced AJAX Product Filters plugin for WordPress is vu…8.8
- CVE-2026-14265Deserialization of untrusted data in the RemoteQueryCachePlu…8.8
- CVE-2026-1427Single Sign-On Portal System developed by WellChoose has a O…8.8
- CVE-2026-14278Rejected reason: After further coordination, CVE was determi…
- CVE-2026-1428Single Sign-On Portal System developed by WellChoose has a O…8.8
- CVE-2026-1429Single Sign-On Portal System developed by WellChoose has a R…5.4
- CVE-2026-1430The WP Lightbox 2 WordPress plugin before 3.0.7 does not san…4.8
Are you affected by CVE-2026-14261?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
