CVE-2026-6807

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.5 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to
trigger improper handling of XML input, which may result in unintended
exposure of sensitive information. The flaw stems from insufficient
hardening of the XML parsing process.

Vulnerability Details

Published Date

April 28, 2026

Last Modified

April 28, 2026

CWE ID

CWE-611

Source

NVD

External References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-118-01.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-118-01

CVE-2026-6807

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment