Sonatype Nexus 3.22.1-3.90.2 Task Exec perm bypassing nexus.scripts.allowCreation
CVE-2026-3199 Published on April 8, 2026

Nexus Repository 3 - Authenticated Remote Code Execution via Task Property Injection
A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.

Vendor Advisory NVD

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2026-3199 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.

Products Associated with CVE-2026-3199

Want to know whenever a new CVE is published for Sonatype Nexus Repository Manager? stack.watch will email you.

Sonatype Nexus Repository Manager

Affected Versions

Sonatype Nexus Repository:

Version 3.22.1 and below 3.91.0 is affected.

Sonatype Nexus 3.22.1-3.90.2 Task Exec perm bypassing nexus.scripts.allowCreationCVE-2026-3199 Published on April 8, 2026

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

Products Associated with CVE-2026-3199

Affected Versions

Sonatype Nexus 3.22.1-3.90.2 Task Exec perm bypassing nexus.scripts.allowCreation
CVE-2026-3199 Published on April 8, 2026