๐Ÿ” CVE Alert

CVE-2026-21628

UNKNOWN 0.0

Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.

CWE CWE-434
Vendor astroidframe.work
Product astroid template framework
Published Mar 5, 2026
Last Updated Mar 5, 2026
Stay Ahead of the Next One

Get instant alerts for astroidframe.work astroid template framework

Be the first to know when new unknown vulnerabilities affecting astroidframe.work astroid template framework are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

astroidframe.work / Astroid Template Framework
2.0.0-3.3.10

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
astroidframe.work: https://astroidframe.work

Credits

๐Ÿ” David Jardin / Joomla Security Strike Team