Key Systems Global Facilities Management Software allows execution of arbitrary code via input

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.2

Key Systems Global Facilities Management Software allows execution of arbitrary code via input

CVE-2026-26723

Summary

A vulnerability in the Key Systems Global Facilities Management Software allows a remote attacker to execute malicious code on a system. This could lead to unauthorized access or data theft. Update the software to the latest version to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
keystorage	global_facilities_management_software	20230721a	–

Original title

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

Original description

Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

nvd CVSS3.1 8.2

Vulnerability type

CWE-79 Cross-site Scripting (XSS)

https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2026-26723 Exploit Third Party Advisory

Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026