CVE-2026-26746

{"id": "CVE-2026-26746", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-02-20T17:25:55.920", "references": [{"url": "https://github.com/hungnqdz/CVE-2026-26746/blob/main/CVE-2026-26746.md", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/opensourcepos/opensourcepos", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "OpenSourcePOS 3.4.1 contains a Local File Inclusion (LFI) vulnerability in the Sales.php::getInvoice() function. An attacker can read arbitrary files on the web server by manipulating the Invoice Type configuration. This issue can be chained with the file upload functionality to achieve Remote Code Execution (RCE)."}, {"lang": "es", "value": "OpenSourcePOS 3.4.1 contiene una vulnerabilidad de Inclusi\u00f3n Local de Ficheros (LFI) en la funci\u00f3n Sales.php::getInvoice(). Un atacante puede leer ficheros arbitrarios en el servidor web manipulando la configuraci\u00f3n de Tipo de Factura. Este problema puede encadenarse con la funcionalidad de subida de ficheros para lograr Ejecuci\u00f3n Remota de C\u00f3digo (RCE)."}], "lastModified": "2026-02-24T20:42:28.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensourcepos:open_source_point_of_sale:3.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EC6C4DB-C7B4-46A5-9479-851918C55014"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}