Code Injection Vulnerability in Pizzy Library by MIA Technology Inc.
CVE-2026-5242
8.8HIGH
What is CVE-2026-5242?
The Pizzy Library developed by MIA Technology Inc. is susceptible to a code injection vulnerability caused by improper neutralization of formula elements in CSV files. This flaw allows attackers to inject malicious code, potentially leading to unauthorized access and data manipulation. The vulnerability affects versions 1.0.0.26250 to 1.3.9.26250, requiring immediate attention to mitigate the risks associated with this security issue.
Affected Version(s)
Pizzy Library 1.0.0.26250 < 1.3.9.26250
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Ahmet DURMUŞ
STM Savunma Teknolojileri Mühendislik ve Ticaret A.Ş.