CVE-2026-3438 Blast Radius

MEDIUM • CVSS 5.1A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote at

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-3438.

Start Free Scan →← Back to CVE-2026-3438