CVE-2026-15512 | pig-mesh Pig up to 3.9.2 pig-codegen GeneratorServiceImpl.java code injection (EUVD-2026-43253)
A vulnerability categorized as critical has been discovered in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to code injection.
This vulnerability is referenced as CVE-2026-15512. It is possible to launch the attack remotely. Furthermore, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.