CVE-2026-15512

Summary

A vulnerability was identified in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to code injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
pig-meshPig3.9.0affected
pig-meshPig3.9.1affected
pig-meshPig3.9.2affected

Weaknesses

  • CWE-94: Code Injection
  • CWE-74: Injection

References