HIGH CVE-2026-6009 Published Modified CNA Jaspersoft
CVE-2026-6009: Jaspersoft Library Deserialisation Vulnerability
A Java deserialisation vulnerability in the Jaspersoft Reports Library leads to remote code execution (RCE), potentially allowing code execution on the affected system.
Metrics
- CVSS v4.0: 8.7
- Severity: HIGH
- Fixed in: —
- Affected Products: 8
Affected packages
- Jaspersoft / JasperReports Library Community Edition ≤ 7.0.6
- Jaspersoft / Jaspersoft Studio Community Edition ≤ 7.0.6
- Jaspersoft / JasperReports Server ≤ 10.0.0
- Jaspersoft / JasperReports Library Professional ≤ 10.0.0
- Jaspersoft / Jaspersoft Studio Professional ≤ 10.0.0
- Jaspersoft / JasperReports IO Professional ≤ 10.0.0
- Jaspersoft / JasperReports IO At-Scale ≤ 10.0.0
- Jaspersoft / JasperReports Web Studio ≤ 10.0.1
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References