CVE-2026-41517 – Emlog: Remote Code Execution via Malicious Plugin Upload

CVE ID :CVE-2026-41517

Published : May 8, 2026, 9:50 p.m. | 35 minutes ago

Description :Emlog is an open source website building system. Prior to version 2.6.11, insecure plugin upload functionality allows attackers to upload and execute arbitrary PHP code, leading to complete server compromise and persistent backdoor installation. This issue has been patched in version 2.6.11.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…