alchemy_cms

RubyGems1 known CVE affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting alchemy_cmspage 1 of 1

CVE-2026-23885MEDIUMCVSS 6.4EG 6.4✓ Fixed in 8.0.3
2026-01-19
vulnerable: 8.0.0 ... 8.0.2 (6 versions)
Alchemy is an open source content management system engine written in Ruby on Rails. Prior to versions 7.4.12 and 8.0.3, the application uses the Ruby `eval()` function to dynamically execute a string provided by the `resource_handler.engi…

Check whether alchemy_cms is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for alchemy_cms CVEs against the assets you own.

Start Free Scan →