CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-24750

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation as Stored XSS when modifying forms. Upgrade Kiteworks to version 9.2.1 or later to receive a patch.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.2%

CVSS Severity

CVSS v3 Score 7.6

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-rfwm-2hq6-h84g

Products affected by CVE-2026-24750

Accellion » Kiteworks » Version: 7.3.0

cpe:2.3:a:accellion:kiteworks:7.3.0
Accellion » Kiteworks » Version: 7.3.1

cpe:2.3:a:accellion:kiteworks:7.3.1
Accellion » Kiteworks » Version: 7.3.2

cpe:2.3:a:accellion:kiteworks:7.3.2
Accellion » Kiteworks » Version: 7.4.0

cpe:2.3:a:accellion:kiteworks:7.4.0
Accellion » Kiteworks » Version: 9.1.0

cpe:2.3:a:accellion:kiteworks:9.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-24750

Products

Pricing

Contact Us