{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21628", "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "state": "PUBLISHED", "assignerShortName": "Joomla", "dateReserved": "2026-01-01T04:42:27.960Z", "datePublished": "2026-03-05T09:24:47.789Z", "dateUpdated": "2026-03-05T14:30:16.055Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Astroid Template Framework", "vendor": "astroidframe.work", "versions": [{"status": "affected", "version": "2.0.0-3.3.10"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "David Jardin / Joomla Security Strike Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution."}], "value": "A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "ATTACKED", "Safety": "NOT_DEFINED", "Automatable": "YES", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "baseSeverity": "CRITICAL", "baseScore": 10, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y"}}], "impacts": [{"capecId": "CAPEC-253", "descriptions": [{"lang": "en", "value": "CAPEC-253 Remote Code Inclusion"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "references": [{"tags": ["product"], "url": "https://astroidframe.work"}], "providerMetadata": {"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "shortName": "Joomla", "dateUpdated": "2026-03-05T09:24:47.789Z"}, "source": {"discovery": "UNKNOWN"}, "title": "Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-05T14:29:56.320902Z", "id": "CVE-2026-21628", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T14:30:16.055Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21628", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-05T14:29:56.320902Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-05T14:30:00.682Z"}}], "cna": {"title": "Extension - astroidframe.work - Unauthenticated Remote Code Execution in Astroid Framework 2.0.0 - 3.3.10 for Joomla", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "David Jardin / Joomla Security Strike Team"}], "impacts": [{"capecId": "CAPEC-253", "descriptions": [{"lang": "en", "value": "CAPEC-253 Remote Code Inclusion"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 10, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y", "exploitMaturity": "ATTACKED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "astroidframe.work", "product": "Astroid Template Framework", "versions": [{"status": "affected", "version": "2.0.0-3.3.10"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://astroidframe.work", "tags": ["product"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.", "supportingMedia": [{"type": "text/html", "value": "A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "shortName": "Joomla", "dateUpdated": "2026-03-05T09:24:47.789Z"}}}, "cveMetadata": {"cveId": "CVE-2026-21628", "state": "PUBLISHED", "dateUpdated": "2026-03-05T14:30:16.055Z", "dateReserved": "2026-01-01T04:42:27.960Z", "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "datePublished": "2026-03-05T09:24:47.789Z", "assignerShortName": "Joomla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:templaza:astroid_framework:*:*:*:*:*:joomla\\!:*:*", "matchCriteriaId": "13FED99F-9FEE-4488-92AF-EE31F2B1DA3C", "versionEndIncluding": "3.3.10", "versionStartIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution."}, {"lang": "es", "value": "Una caracter\u00edstica de gesti\u00f3n de archivos incorrectamente protegida permite cargas de tipos de datos peligrosos para usuarios no autenticados, lo que lleva a ejecuci\u00f3n remota de c\u00f3digo."}], "id": "CVE-2026-21628", "lastModified": "2026-03-13T01:33:31.743", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "ATTACKED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@joomla.org", "type": "Secondary"}]}, "published": "2026-03-05T10:15:57.930", "references": [{"source": "security@joomla.org", "tags": ["Product"], "url": "https://astroidframe.work"}], "sourceIdentifier": "security@joomla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "security@joomla.org", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0,3.3.10]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Astroid Template Framework", "source": "cna", "vendor": "astroidframe.work"}, "product": "astroid_template_framework", "vendor": "astroidframe.work"}], "analysis": {"en": {"generated_at": "2026-04-17T12:46:19.071192+00:00", "value": {"mitigation_remediation": ["Apply the latest Astroid Template Framework update (version greater than 3.3.10).", "If an immediate patch is unavailable, disable or restrict the file upload functionality in the framework.", "Configure the web server (or Joomla) to disallow execution of files in the upload directory, for example by setting appropriate permissions or adding .htaccess rules to block PHP execution."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Astroid Template Framework for Joomla, specifically versions 2.0.0 through 3.3.10.", "description_and_impact": "An improperly secured file management feature in Astroid Template Framework allows unauthenticated users to upload dangerous data types. The uploaded content can then be executed, leading to remote code execution on the affected system.", "risk_and_exploitability": "The CVSS score of 10 marks the flaw as critical, while the EPSS score of less than 1% suggests that widespread exploitation is currently unlikely. The flaw is not listed in the CISA KEV catalog, but because the attack does not require authentication, an attacker can trigger it from any location. If successfully exploited, the attacker would gain the ability to execute arbitrary code on the host, compromising confidentiality, integrity, and availability of the Joomla instance."}}}}, "created": "2026-03-06T15:07:45.403252+00:00", "updated": "2026-04-17T13:00:11.981207+00:00", "vendors": ["astroidframe.work", "astroidframe.work$PRODUCT$astroid_template_framework"]}