CVE-2026-30460

HIGH SEVERITY

CVSS Score & Metrics

Base Score

8.8 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H                                    

Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.

Published Date

April 07, 2026

Last Modified

April 09, 2026

CWE ID

NVD-CWE-noinfo

Source

NVD

Vendor

thedaylightstudio

Product

fuel_cms