CVE-2026-12195
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
myVesta is affected by an authenticated remote code execution vulnerability. Low privileged users can insert arbitrary commands as a part of the v_ftp_user parameter when deleting FTP usernames. This could result in the execution of commands as the admin user or takevoer of the admin user in myVesta.
| CWE | CWE-78 |
| Vendor | myvesta |
| Product | vesta |
| Published | Jul 4, 2026 |
Stay Ahead of the Next One
Get instant alerts for myvesta vesta
Be the first to know when new unknown vulnerabilities affecting myvesta vesta are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
myvesta / vesta
0 < 95d7e43bf286d6881ca753dac93cb42d98cc7422