CVE-2026-22314_CVE-2026-22314

9 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.

AI Analysis

Code Injection vulnerability in Mesalvo Meona Client Launcher Component and Meona Server Component enables code execution on other users' systems.

Basic Information

ID CVE-2026-22314

Source ENISA

Published May 20, 2026 at 10:29

Affected Product

Vendor Mesalvo

Product Meona Client Launcher Component

Affected Versions Mesalvo Meona Client Launcher Component 0
Mesalvo Meona Server Component 0

CWE Classification

CWE-94

AI Assessment

AI Score 9 / 10

AI Severity Critical

Vendor Mesalvo

Product Meona Client Launcher Component, Meona Server Component

Version through 19.06.2020 15:11:49, through 2025.04 5+323020

References

seccore.at /blog/cves-meona/

{
    "lastseen": "",
    "description": "Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems.\u00a0This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020.",
    "published": "2026-05-20T10:29:38.661Z",
    "modified": "2026-05-20T10:29:38.661Z",
    "type": "cve",
    "title": "CVE-2026-22314",
    "source": "ENISA",
    "references": "https://seccore.at/blog/cves-meona/",
    "id": "CVE-2026-22314",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Mesalvo Meona Client Launcher Component 0\nMesalvo Meona Server Component 0",
    "sourceHref": "",
    "cvss": {
        "score": 9,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Meona Client Launcher Component",
    "version": "0",
    "vendor": "Mesalvo",
    "ai_description": "Code Injection vulnerability in Mesalvo Meona Client Launcher Component and Meona Server Component enables code execution on other users' systems.",
    "ai_severity": "Critical",
    "ai_vendor": "Mesalvo",
    "ai_product": "Meona Client Launcher Component, Meona Server Component",
    "ai_version": "through 19.06.2020 15:11:49, through 2025.04 5+323020",
    "ai_score": 9
}