ByteOS Network

Lagom

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2026-6601

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-Not Assigned

Published-20 Apr, 2026 | 03:30

Updated-20 Apr, 2026 | 04:16

Lagom WHMCS Template Datatables resource consumption

A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to resource consumption. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor-Lagom

Product-WHMCS Template

CWE ID-CWE-400

Uncontrolled Resource Consumption

CWE ID-CWE-404

Improper Resource Shutdown or Release

CVE-2026-4239

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.1||MEDIUM

EPSS-0.04% / 13.10%

7 Day CHG~0.00%

Published-16 Mar, 2026 | 13:02

Updated-16 Mar, 2026 | 14:53

Lagom WHMCS Template Datatables prototype pollution

A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an unknown function of the component Datatables. The manipulation results in improperly controlled modification of object prototype attributes. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor-Lagom

Product-WHMCS Template

CWE ID-CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE ID-CWE-94

Improper Control of Generation of Code ('Code Injection')