What is the severity of CVE-2026-24601?

CVE-2026-24601 has a CVSS v3 score of 5.4, which is classified as Medium severity.

Is there an exploit available for CVE-2026-24601?

No known public exploits are currently available for CVE-2026-24601.

Is there a patch available for CVE-2026-24601?

Yes, patches are available for CVE-2026-24601. Check the vendor advisories for update instructions.

CVE-2026-24601 - CVE Details, Severity, and Analysis

Published: January 25, 2026

Last updated:1 day ago (January 25, 2026)

Updated January 25, 2026

no major risk factors

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Penci Pay Writer penci-pay-writer allows Stored XSS.This issue affects Penci Pay Writer: from n/a through <= 1.5.

Strobes VI. (2026). CVE-2026-24601 - CVE Details and Analysis. Strobes VI. Retrieved January 26, 2026, from https://vi.strobes.co/cve/CVE-2026-24601

Published: January 25, 2026

Last updated:1 day ago (January 25, 2026)

Updated January 25, 2026

no major risk factors

Strobes VI. (2026). CVE-2026-24601 - CVE Details and Analysis. Strobes VI. Retrieved January 26, 2026, from https://vi.strobes.co/cve/CVE-2026-24601