Sanluan PublicCMS DocToHtmlUtils.java ZipSecureFile.setMinflateRatio resource consumption_CVE-2026-6797

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

Description

A vulnerability was identified in Sanluan PublicCMS up to 6.202506.d. Affected by this vulnerability is the function ZipSecureFile.setMinflateRatio of the file common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java. Such manipulation leads to resource consumption. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-6797

Source VulDB

Published Apr 21, 2026 at 20:45

Affected Product

Vendor Sanluan

Product PublicCMS

Version 6.202506.a

Affected Versions Sanluan PublicCMS 6.202506.a
Sanluan PublicCMS 6.202506.b
Sanluan PublicCMS 6.202506.c
Sanluan PublicCMS 6.202506.d

CWE Classification

CWE-400 CWE-404

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Sanluan PublicCMS up to 6.202506.d. Affected by this vulnerability is the function ZipSecureFile.setMinflateRatio of the file common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java. Such manipulation leads to resource consumption. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-04-21T20:45:13.606Z",
    "modified": "2026-04-21T20:45:13.606Z",
    "type": "cve",
    "title": "Sanluan PublicCMS DocToHtmlUtils.java ZipSecureFile.setMinflateRatio resource consumption",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/358491\nhttps://vuldb.com/vuln/358491/cti\nhttps://vuldb.com/submit/794798",
    "id": "CVE-2026-6797",
    "bulletinFamily": "",
    "cwe": [
        "CWE-400",
        "CWE-404"
    ],
    "cvelist": null,
    "sourceData": "Sanluan PublicCMS 6.202506.a\nSanluan PublicCMS 6.202506.b\nSanluan PublicCMS 6.202506.c\nSanluan PublicCMS 6.202506.d",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PublicCMS",
    "version": "6.202506.a",
    "vendor": "Sanluan",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}