CVE 8.6 HIGH

OpenKM 6.3.12 Remote Code Execution via Administrative Scripting_CVE-2026-42785

May 26, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system commands in the context of the OpenKM application server.

AI Analysis

Remote code execution vulnerability in OpenKM 6.3.12 allowing authenticated administrators to execute arbitrary Java/BeanShell code

Basic Information

ID CVE-2026-42785

Source VulnCheck

Published May 26, 2026 at 14:08

Affected Product

Vendor Openkm

Product OpenKM Community Edition

Version 6.3.12

Affected Versions Openkm OpenKM Community Edition 0
Openkm OpenKM Professional Edition 0

CWE Classification

CWE-94

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor OpenKM

Product OpenKM Community Edition

Version 6.3.12

References

{
    "lastseen": "",
    "description": "OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system commands in the context of the OpenKM application server.",
    "published": "2026-05-26T14:08:51.032Z",
    "modified": "2026-05-26T14:08:51.032Z",
    "type": "cve",
    "title": "OpenKM 6.3.12 Remote Code Execution via Administrative Scripting",
    "source": "VulnCheck",
    "references": "https://www.exploit-db.com/exploits/52520\nhttps://www.openkm.com/\nhttps://hub.docker.com/r/openkm/openkm-ce\nhttps://terrasystemlabs.com/post?slug=openkm-zero-day-vulnerabilities-terra-system-labs\nhttps://github.com/terrasystemlabs/Exploits/tree/main/OpenKM-Exploits\nhttps://github.com/terrasystemlabs/Exploits/tree/main/OpenKM-Exploits/nuclei-templates/openkm-remote-code-execution\nhttps://www.vulncheck.com/advisories/openkm-remote-code-execution-via-administrative-scripting",
    "id": "CVE-2026-42785",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Openkm OpenKM Community Edition 0\nOpenkm OpenKM Professional Edition 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "OpenKM Community Edition",
    "version": "6.3.12",
    "vendor": "Openkm",
    "ai_description": "Remote code execution vulnerability in OpenKM 6.3.12 allowing authenticated administrators to execute arbitrary Java/BeanShell code",
    "ai_severity": "High",
    "ai_vendor": "OpenKM",
    "ai_product": "OpenKM Community Edition",
    "ai_version": "6.3.12",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply