CVE-2026-6601

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published Apr 20, 2026

Vendor unknown

Description

A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to resource consumption. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References

https://github.com/devsamuelsantiago/lagom-whmcs-dos-poc
https://vuldb.com/submit/791943
https://vuldb.com/vuln/358236
https://vuldb.com/vuln/358236/cti