CVE Catalog

CVE-2026-40783

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Summary

Versions of Blocksy Companion Pro up to 2.1.37 have a vulnerability allowing remote code execution (RCE) by unauthorized users.

Risk Assessment

An attacker could exploit this vulnerability to remotely execute code on the server, potentially leading to system takeover.

Recommendation

It is recommended to update to the latest version of Blocksy Companion Pro to mitigate this vulnerability.

Original NVD description (English source)

Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS