QSearchQSearch

CVE-2026-44672

mapfish-print is a component of MapFish for printing templated cartographic maps

Published: 2026-05-28 · Last updated: 2026-06-01

Severity and scoring

CWE
CWE-94

Description

mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3, the attacker can execute arbitrary code in Dynamic table without being authenticated. This vulnerability is fixed in 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-24155 NVIDIA NeMo Framework for all platforms contains a code injection vulnerability (7.8 HIGH)
  • CVE-2026-49774 Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion (9.9 CRITICAL)
  • CVE-2026-48017 DbGate is cross-platform database manager (8.8 HIGH)
  • CVE-2026-48836 Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions (10.0 CRITICAL)
  • CVE-2026-48124 Cursor is a code editor built for programming with AI