CVE-2026-26462 — HIGH (7.3)

Vulnerability Description

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrary operating system commands.

CVSS Score

7.3

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Related Weaknesses (CWE)

CWE-917

References

FAQ

What is CVE-2026-26462?

CVE-2026-26462 is a vulnerability with a CVSS score of 7.3 (HIGH). Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation,...

How severe is CVE-2026-26462?

CVE-2026-26462 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-26462?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.