CYBERHAWK / CVE / CVE-2026-42796

CVE-2026-42796

Arelle

CRITICAL CVSS 9.8 other

The flaw

Unauthenticated RCE via malicious plugin URL in REST endpoint.

What to do

Update Arelle to version 2.39.10

▸ Scan my repo for CVE-2026-42796

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-08 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits