Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

PHP injection

MetInfo CMS flaw under active exploitation after April patch

News, Research, Risk, Vulnerabilities

May 5, 2026

Threat actors are exploiting a critical MetInfo CMS flaw, CVE-2026-29014, that can enable remote code execution. VulnCheck said activity began on April 25 and intensified on May 1, after MetInfo released patches on April 7.

About
Editorial Policy
Privacy
Contact