CVE-2026-3199
Severity: CRITICAL
Nexus Repository 3 - Authenticated Remote Code Execution via Task Property Injection
Title source: cnaDescription
A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.
References (2)
Core References
Vendor Advisory
https://support.sonatype.com/hc/en-us/articles/50615414548499
Scores
CVSS v4: 9.4
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:L
EPSS: 0.0036
EPSS Percentile: 27.5%
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: yes
Technical Impact: total
Details
CWE: CWE-502
Status: published
Products (1)
Sonatype/Nexus Repository: 3.22.1 - 3.91.0
Published: Apr 08, 2026
Tracked Since: Apr 09, 2026