Threat Intel

v0.1

← CVEs

CVE-2026-2682

MED 6.3
Published
2026-02-18
Last Modified
2026-03-03
Affected Apps
10
Affected Devices
11
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). Impacted is an unknown function of the file /mine/PublicReport/prinReport.html?token=java. Such manipulation of the argument comid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected Applications in Environment 10
Electron v11.3.0
2 devices
Electron v41.1.0
1 device
Electron v22.0.2
1 device
Electron v33.4.11
1 device
Electron v40.7.0
2 devices
Electron v35.0.2
1 device
Electron v2.6.44.0
1 device
Electron v36.3.2
1 device
Electron v2.6.24.0
1 device
Electron v2.7.12.0
1 device
Affected Devices 11
DESKTOP-L6E0UMI Windows DPAPSB-ERICWES Windows DPAPSB-MILENA Windows DPCPD-9S07D14 Windows DPENGR-L1283ZH5 Windows DPINTC-8TJQMC4 Windows DPSTFS-2NWN924 Windows DPSTFS-BV4TZ84 Windows FTB-DL7350-08 Windows HPER-106697 Windows USULOAN347 Windows
References 5