CVE ID: CVE-2026-3199
Published: April 8, 2026, 11:16 p.m. | 1 hour, 21 minutes ago
Description: A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
🤖 AI-Generated Patch Solution
Google Gemini (gemini-2.5-flash) • CVE: CVE-2026-3199
⚠️ Vulnerability Description:
1. IMMEDIATE ACTIONS
Immediately perform the following steps to contain potential exploitation and mitigate risk:
Isolate affected systems: If possible without disrupting critical business operations, temporarily isolate systems running the AcmeCorp Identity & Session Management Service (AISM) from external networks.
Invalidate all active user sessions: Force a global logout or invalidate all active session tokens for the AISM service. This will
💡 AI-generated — review with a security professional before acting.