CVE-2026-44200 — Wagtail is an open source content management system built
CVE-2026-44200 — Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to pages could copy a page they don't have access to to an area of the site they do. Once coped, they'd be able to view its contents, and potentially p
What This Means For You
- If your environment is affected by CWE-280, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-44200 updates and patches.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-44200 | vulnerability | CVE-2026-44200 |
| CWE-280 | weakness | CWE-280 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 11, 2026 at 19:17 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
OpenClaw Improper Authentication: CVE-2026-8305 Publicly Exploitable
CVE-2026-8305 — A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component...
OpenClaw Improper Access Control Bypasses Denylist, Allows Persistent Malicious Configs
CVE-2026-45006 — OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write...
OpenClaw RCE: Arbitrary Code Execution via Plugin Setup Resolver
CVE-2026-45004 — OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup...