CVE-2026-40176 is a vulnerability tracked across 1 threat cluster and 3 intelligence report mentions on ThreatCluster. First observed April 14, 2026; most recent activity April 16, 2026.
Two command injection vulnerabilities, CVE-2026-40176 and CVE-2026-40261, have been identified in Composer's Perforce VCS driver, allowing attackers to execute arbitrary commands on user systems. CVE-2026-40176,…