{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30281", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T18:14:46.520Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-31T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-31T15:32:48.068Z"}, "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://secsys.fudan.edu.cn/"}, {"url": "https://maru.xyz/"}, {"url": "https://play.google.com/store/apps/details?id=neo.maru"}, {"url": "https://github.com/Secsys-FDU/AF_CVEs/issues/21"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-73", "lang": "en", "description": "CWE-73 External Control of File Name or Path"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T18:13:52.483308Z", "id": "CVE-2026-30281", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:14:46.520Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30281", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-01T18:13:52.483308Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73 External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:14:41.771Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://secsys.fudan.edu.cn/"}, {"url": "https://maru.xyz/"}, {"url": "https://play.google.com/store/apps/details?id=neo.maru"}, {"url": "https://github.com/Secsys-FDU/AF_CVEs/issues/21"}], "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-31T15:32:48.068Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30281", "state": "PUBLISHED", "dateUpdated": "2026-04-01T18:14:46.520Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-31T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure."}], "id": "CVE-2026-30281", "lastModified": "2026-04-01T19:16:29.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-31T16:16:29.820", "references": [{"source": "cve@mitre.org", "url": "https://github.com/Secsys-FDU/AF_CVEs/issues/21"}, {"source": "cve@mitre.org", "url": "https://maru.xyz/"}, {"source": "cve@mitre.org", "url": "https://play.google.com/store/apps/details?id=neo.maru"}, {"source": "cve@mitre.org", "url": "https://secsys.fudan.edu.cn/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-31T17:26:47.726327+00:00", "value": {"mitigation_remediation": ["Apply the latest vendor patch for MaruNuri 2.0.23 when it becomes available.", "Disable or restrict the file import functionality to trusted users until a patch is installed.", "Monitor logs for unauthorized file write attempts and investigate any anomalies promptly."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects MaruNuri LLC\u2019s software, version 2.0.23. No other affected vendors or product versions are listed. Users running this specific release should be aware of the risk.", "description_and_impact": "An arbitrary file overwrite flaw exists in MaruNuri LLC version 2.0.23. The flaw permits an attacker to replace critical internal files during a file import routine. By controlling which files are overwritten, an attacker could execute malicious code or disclose sensitive information, undermining both confidentiality and integrity of the system.", "risk_and_exploitability": "The risk is high due to the ability to overwrite system files, which can lead to full compromise of the application and potentially the underlying host. No explicit CVSS score is provided, but the nature of the flaw suggests severe impact. Epistemic exploitation probability is unknown as EPSS data is unavailable. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector involves an authenticated or unauthenticated user submitting a crafted import file to the application, though the precise prerequisites are not detailed in the available information."}}}}, "created": "2026-03-31T19:56:54.418045+00:00", "title": "Arbitrary File Overwrite in MaruNuri v2.0.23 Enables Code Execution", "updated": "2026-03-31T19:56:54.418070+00:00", "vendors": [], "weaknesses": ["CWE-22"]}