CVE-2026-27776
HIGH WAF: Medium
CVSS 8.8
Published: 2026-02-27
CWE-502
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege.
WAF Coverage Analysis
Insecure Deserialization
Medium WAF Coverage
OWASP: A08:2021 Software and Data Integrity Failures
944xxx - Java Attack
Affected Software
| Vendor | Product | Version |
|---|---|---|
| intra-mart | accel_platform | 8.0.4 |
| intra-mart | accel_platform | 8.0.5 |
| intra-mart | accel_platform | 8.0.6 |
| intra-mart | accel_platform | 8.0.7 |
| intra-mart | accel_platform | 8.0.8 |
| intra-mart | accel_platform | 8.0.9 |
| intra-mart | accel_platform | 8.0.10 |
| intra-mart | accel_platform | 8.0.11 |
| intra-mart | accel_platform | 8.0.12 |
| intra-mart | accel_platform | 8.0.13 |
References
- global.intra-mart.support (Vendor Advisory)
- jvn.jp (Third Party Advisory)