CVE-2026-3014

Severity CVSS v4.0:
MEDIUM
Type:
CWE-78 OS Command Injections
Publication date:
14/07/2026
Last modified:
14/07/2026

Description

Milestone<br /> has released a new version of XProtect® (and several cumulative patch updates)<br /> which fix security vulnerability in Management Server API. <br /> <br /> <br /> <br /> The vulnerability<br /> causes users with edit permissions to the Management Server to be able to<br /> execute arbitrary code in context of the Management Server Service.