CVE-2026-30880

CRITICAL

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3.

CVSS v3.1 Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 3/31/2026Modified: 4/1/2026

Related Intelligence (1)

CRITICALVulnerability

NVD Critical: CVE-2026-30880 — baserCMS is a website development framework. Prior to version 5.2.3, baserCMS ha...

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has an OS command injection vulnerability in the installer. This issue has been patched in version 5.2.3.

CVE-2026-30880

3d agoNIST NVD

References (3)

https://basercms.net/security/JVN_20837860Vendor Advisory https://github.com/baserproject/basercms/releases/tag/5.2.3Release Notes https://github.com/baserproject/basercms/security/advisories/GHSA-6hpg-8rx3-cwgvVendor Advisory

Command Palette

CVE-2026-30880

CVSS v3.1 Score

Related Intelligence (1)

NVD Critical: CVE-2026-30880 — baserCMS is a website development framework. Prior to version 5.2.3, baserCMS ha...

References (3)