CVE-2026-6807: A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to
trigger improper handling of XML input, which may...
MEDIUM
CVSS 5.5
Exploit Available
1 PoC
Published: April 28, 2026 | Last Modified: April 28, 2026
Description
A vulnerability in GRASSMARLIN v3.2.1 allows crafted session data to
trigger improper handling of XML input, which may result in unintended
exposure of sensitive information. The flaw stems from insufficient
hardening of the XML parsing process.
Ghostwire Analysis — What This Means Practically
- Medium CVSS score indicates moderate risk — exploitation requires specific conditions or results in limited impact.
- 1 proof-of-concept exploit available on GitHub. Public exploit code lowers the barrier for both researchers and attackers.
This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.
Proof-of-Concept Exploits (1)
Security Coverage (1 articles)
References