Vulnerabilities

Report: CVE-2026-41282 - ProjectDiscovery Nuclei DSL Expression Injection Vulnerability - Analysis

2026-04-20 0 views admin

CVE ID :CVE-2026-41282 Published : April 20, 2026, 8:16 a.m. | 34 minutes ago Description :ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets (not the default configuration). Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-41282

Severity

MEDIUM

Published

April 20, 2026

🏷️ Tags

report41282projectdiscoverynucleiexpressioninjectionvulnerabilityanalysiscvecve-2026-41282

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-41282 - ProjectDiscovery Nuclei DSL Expression Injection Vulnerability - Analysis

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Essential Guide: CVE-2026-41145 - MinIO has an Unauthenticated Object Write via Query-String Credential Signature ...

Report: Update: CVE-2026-40344 - MinIO has an Unauthenticated Object Write via Missing Signature Verification in ...

Report: CVE-2026-41457 - OwnTone Server < 29.1 SQL Injection via query and filter Parameters

Report: Update: CVE-2026-6416 - Tanium addressed an uncontrolled resource consumption vulnerability in Interact.

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting