CVE-2026-8931
A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3
Published: 2026-06-01 · Last updated: 2026-06-01
Severity and scoring
- CWE
- CWE-94
Description
A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-8931
- [Other]https://download.disigcdn.sk/cdn/products/websigner2/changelog.en.txt
- [Other]https://download.disigcdn.sk/cdn/products/websigner2/changelog.sk.txt
- [Other]https://qesportal.sk/Portal/en/Info/News#websigner255
- [Other]https://qesportal.sk/Portal/sk/Info/News#websigner255
- [Other]https://www.disig.sk/en/news/important-update-of-the-web-signer-application/
- [Other]https://www.disig.sk/sk/aktuality/dolezita-aktualizacia-aplikacie-web-signer/
Related CVEs
Same CWE
- CVE-2026-24155 — NVIDIA NeMo Framework for all platforms contains a code injection vulnerability (7.8 HIGH)
- CVE-2026-49774 — Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion (9.9 CRITICAL)
- CVE-2026-48017 — DbGate is cross-platform database manager (8.8 HIGH)
- CVE-2026-48836 — Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions (10.0 CRITICAL)
- CVE-2026-48124 — Cursor is a code editor built for programming with AI