๐Ÿ” CVE Alert

CVE-2026-21719

HIGH 7.2
CVSS Score
7.2
EPSS Score
0.0%
EPSS Percentile
0th

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command.

Vendor cubecart limited
Product cubecart
Published Apr 17, 2026
Last Updated Apr 17, 2026
Stay Ahead of the Next One

Get instant alerts for cubecart limited cubecart

Be the first to know when new high vulnerabilities affecting cubecart limited cubecart are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Versions

CubeCart Limited / CubeCart
prior to 6.6.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
community.cubecart.com: https://community.cubecart.com/t/cubecart-6-6-0-released-the-biggest-update-in-years/62405 jvn.jp: https://jvn.jp/en/jp/JVN78422311/