CVE-2026-2740 – ManageEngine ADSelfService Plus

CVSS 8.4 IMPORTANT

“A command injection weakness in an identity platform can quickly turn account management into an attack path.”

Zohocorp released a patch for a high-severity vulnerability affecting ManageEngine ADSelfService Plus. CVE-2026-2740 has a CVSS score of 8.4, which is High severity.

The vulnerability involves improper command neutralization that could allow remote code execution in affected ADSelfService Plus environments. The update strengthens input validation and command handling protections, reducing the risk of attackers executing unauthorized commands through crafted requests.

Key Details

Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-77

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2026-2740 – ManageEngine ADSelfService Plus

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002