“weaver e - cology rce flaw cve - 2026 - 22679 actively exploited via debug api a critical security vulnerability in weaver ( fanwei ) e - cology, an enterprise office automation ( oa ) and collaboration platform, has come under active exploitation in the wild. the vulnerability (…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
87%
“the first signs of active exploitation on march 31, 2026. chinese security vendor qianxin said it was able to successfully reproduce the remote code execution vulnerability in its own alert released on march 17, 2026. however, in a report published last week, the vega research te…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1059.001PowerShell
79%
“the first signs of active exploitation on march 31, 2026. chinese security vendor qianxin said it was able to successfully reproduce the remote code execution vulnerability in its own alert released on march 17, 2026. however, in a report published last week, the vega research te…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
A critical security vulnerability in Weaver (Fanwei) E-cology, an enterprise office automation (OA) and collaboration platform, has come under active exploitation in the wild.
The vulnerability (CVE-2026-22679, CVSS score: 9.8) relates to a case of unauthenticated remote code execution affecting Weaver E-cology 10.0 versions prior to 20260312. The issue resides in the "/papi/esearch/data/devops/