Remote Code Execution_CVE-2026-2740

8.4 / 10

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L

Description

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency.

Basic Information

ID CVE-2026-2740

Source Zohocorp

Published May 21, 2026 at 12:36

Affected Product

Vendor Zohocorp

Product ManageEngine ADSelfService Plus

Affected Versions Zohocorp ManageEngine ADSelfService Plus 0
Zohocorp ManageEngine DataSecurity Plus 0
Zohocorp ManageEngine RecoveryManager Plus 0

CWE Classification

CWE-77

References

www.manageengine.com /products/self-service-password/advisory/CVE-2026-2740.html

{
    "lastseen": "",
    "description": "Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency.",
    "published": "2026-05-21T12:36:17.522Z",
    "modified": "2026-05-21T12:36:38.080Z",
    "type": "cve",
    "title": "Remote Code Execution",
    "source": "Zohocorp",
    "references": "https://www.manageengine.com/products/self-service-password/advisory/CVE-2026-2740.html",
    "id": "CVE-2026-2740",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "Zohocorp ManageEngine ADSelfService Plus 0\nZohocorp ManageEngine DataSecurity Plus 0\nZohocorp ManageEngine RecoveryManager Plus 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ManageEngine ADSelfService Plus",
    "version": "0",
    "vendor": "Zohocorp",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}