Platform: java
Component: publiccms-parent-publiccms-core
Fixed versions: 4.0.202507, 5.202506.1, 6.202506.1
CVE-2026-5987 describes a template injection vulnerability discovered in Sanluan PublicCMS, affecting versions from 4.0.202506.a to 6.202506.d. This flaw resides within the FreeMarker Template Handler, specifically in the AbstractFreemarkerView.doRender function. Successful exploitation allows for remote code execution, potentially compromising the entire system. While the vendor has been notified, no official patch has been released as of the publication date.
The template injection vulnerability in Sanluan PublicCMS allows an attacker to inject arbitrary code into the rendered templates. This can lead to a wide range of malicious activities, including, but not limited to, unauthorized access to sensitive data, modification of website content, and even complete system takeover. The ability to execute code remotely significantly expands the attack surface and increases the potential for data breaches and service disruption. Given the public disclosure of this exploit, it is highly likely that malicious actors are actively seeking to exploit vulnerable installations.
CVE-2026-5987 has been publicly disclosed, indicating a higher risk of exploitation. The vulnerability is present in Sanluan PublicCMS, a platform often used for smaller websites and blogs, potentially increasing the number of vulnerable targets. The availability of a public exploit further elevates the risk. The vulnerability has been added to the CISA KEV catalog, signifying a potential threat to critical infrastructure. No active exploitation campaigns have been publicly confirmed as of this writing.
Small to medium-sized businesses and organizations utilizing Sanluan PublicCMS for their websites or blogs are at significant risk. Those with legacy configurations or those who haven't implemented robust security practices are particularly vulnerable. Shared hosting environments using Sanluan PublicCMS are also at increased risk due to the potential for cross-site contamination.
• java / server (lists PublicCMS log files modified in the last 7 days whose contents mention FreeMarker; the original piped file names, not file contents, into grep):
find /var/log/ -name '*publiccms*' -mtime -7 -exec grep -il 'freemarker' {} +
• generic web:
curl -I https://your-publiccms-site.com/ | grep -i 'Content-Type: text/html'
Exploitation status
EPSS
0.06% (18th percentile)
CISA SSVC
CVSS vector
Due to the lack of an official patch from Sanluan PublicCMS, immediate mitigation strategies are crucial. While a direct fix is unavailable, consider implementing strict input validation on all user-supplied data used in template rendering. Employ a Web Application Firewall (WAF) with rules designed to detect and block template injection attempts. Regularly scan your PublicCMS installation for known vulnerabilities using automated security tools. Monitor system logs for suspicious activity related to template processing. If possible, consider migrating to an alternative CMS with active security support.
Update to a fixed version of Sanluan PublicCMS. Since the vendor has not responded, it is recommended to evaluate alternatives or apply custom patches with caution. Review the FreeMarker Template Handler configuration to mitigate possible template injection attacks.
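The mitigation advice above turns on one distinction: user-supplied data must reach FreeMarker only through the data model, never as template source, and the FreeMarker Configuration should be locked down so that even injected template text cannot reach Java classes. The following Java program is an added example written for this page; it is not code from PublicCMS or from its AbstractFreemarkerView class, and the class and method names (FreemarkerRenderDemo, renderUntrustedAsTemplate, renderWithDataModel, hardenedConfiguration) are assumed names chosen for illustration. It contrasts the weak pattern (request text compiled as a template) with the hardened one (fixed template, user text passed as a model value and HTML-escaped), using only public FreeMarker 2.3.x API calls.

```java
import freemarker.core.TemplateClassResolver;
import freemarker.template.Configuration;
import freemarker.template.Template;
import freemarker.template.TemplateException;
import freemarker.template.TemplateExceptionHandler;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.HashMap;
import java.util.Map;

// Added example (hypothetical class name); not PublicCMS code.
public class FreemarkerRenderDemo {

    // Weak pattern: text controlled by the request becomes the template
    // *source*, so any directive or ${...} interpolation inside it is
    // evaluated by the template engine. This is the shape of a template
    // injection bug.
    static String renderUntrustedAsTemplate(Configuration cfg, String userText)
            throws IOException, TemplateException {
        Template t = new Template("inline", new StringReader(userText), cfg);
        StringWriter out = new StringWriter();
        t.process(new HashMap<String, Object>(), out);
        return out.toString();
    }

    // Hardened pattern: the template source is fixed and trusted; user text
    // only enters through the data model, where it is emitted as a string
    // value and HTML-escaped by the ?html built-in.
    static final String TRUSTED_TEMPLATE = "<h1>${title?html}</h1>";

    static String renderWithDataModel(Configuration cfg, String userText)
            throws IOException, TemplateException {
        Template t = new Template("trusted", new StringReader(TRUSTED_TEMPLATE), cfg);
        Map<String, Object> model = new HashMap<>();
        model.put("title", userText);
        StringWriter out = new StringWriter();
        t.process(model, out);
        return out.toString();
    }

    // Configuration that limits what a template can reach even if attacker
    // text does end up compiled as a template: the ?new built-in cannot
    // instantiate any class, and the ?api built-in (raw Java object access)
    // is disabled. Errors are rethrown instead of being rendered into output.
    static Configuration hardenedConfiguration() {
        Configuration cfg = new Configuration(Configuration.VERSION_2_3_31);
        cfg.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
        cfg.setAPIBuiltinEnabled(false);
        cfg.setDefaultEncoding("UTF-8");
        cfg.setTemplateExceptionHandler(TemplateExceptionHandler.RETHROW_HANDLER);
        return cfg;
    }

    public static void main(String[] args) throws Exception {
        Configuration cfg = hardenedConfiguration();
        // Constructed sample input: ordinary text that also contains markup
        // and an interpolation-looking fragment.
        String userText = "<b>hello</b> ${1 + 1}";
        System.out.println("weak:     " + renderUntrustedAsTemplate(cfg, userText));
        System.out.println("hardened: " + renderWithDataModel(cfg, userText));
    }
}
```

Running the class shows the difference directly: in the weak path the engine evaluates the interpolation and leaves the markup intact, while in the hardened path the same text comes out as an escaped literal inside the fixed heading. In a review of a FreeMarker-based view layer, the question to ask of every render call is which of these two paths a request parameter can take; the Configuration settings in hardenedConfiguration reduce the blast radius but do not substitute for keeping user data out of template source.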
CVE-2026-5987 is a template injection vulnerability affecting Sanluan PublicCMS versions 4.0.202506.a through 6.202506.d, allowing attackers to inject malicious code into rendered templates.
You are affected if you are running Sanluan PublicCMS versions 4.0.202506.a to 6.202506.d and have not applied a patch (which is currently unavailable).
As no official patch is available, mitigation involves input validation, WAF rules, regular scanning, and monitoring system logs. Consider migrating to a supported CMS.
Due to public disclosure and the availability of an exploit, it is highly probable that CVE-2026-5987 is being actively targeted by malicious actors.
As of this writing, no official advisory has been published by Sanluan PublicCMS regarding CVE-2026-5987.