CVE-2026-26462

Published: May 18, 2026

Modified: May 20, 2026

PUBLISHED

Description

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrary operating system commands.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceforge.net/projects/hospital-management-system/files/

https://medium.com/@husaainpalh/remote-code-execution-in-offline-hospital-management-system-cve-2026-26462-bc7ac54314c4

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-26462

Description

Affected Products

References