Threat Intel

v0.1

← CVEs

CVE-2026-2684

HIGH 7.3
Published
2026-02-19
Last Modified
2026-03-03
Affected Apps
10
Affected Devices
11
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Affected Applications in Environment 10
Electron v11.3.0
2 devices
Electron v41.1.0
1 device
Electron v22.0.2
1 device
Electron v33.4.11
1 device
Electron v40.7.0
2 devices
Electron v35.0.2
1 device
Electron v2.6.44.0
1 device
Electron v36.3.2
1 device
Electron v2.6.24.0
1 device
Electron v2.7.12.0
1 device
Affected Devices 11
DESKTOP-L6E0UMI Windows DPAPSB-ERICWES Windows DPAPSB-MILENA Windows DPCPD-9S07D14 Windows DPENGR-L1283ZH5 Windows DPINTC-8TJQMC4 Windows DPSTFS-2NWN924 Windows DPSTFS-BV4TZ84 Windows FTB-DL7350-08 Windows HPER-106697 Windows USULOAN347 Windows
References 5