CVE-2026-6002

High

Published: 07 May 2026

Published

07 May 2026

Modified

07 May 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0001 2.5th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-6002 is a high-severity Basic XSS (CWE-80) vulnerability in Gov (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, ranked at the 2.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

NVD Description

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS). This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-80

Affected Products

Gov

—

inferred from references and description; NVD did not file a CPE for this CVE

CVEs Like This One

CVE-2024-46910Shared CWE-80

CVE-2025-14835Shared CWE-80

CVE-2024-39363Shared CWE-80

CVE-2025-22501Shared CWE-80

CVE-2025-21612Shared CWE-80

CVE-2025-24680Shared CWE-80

CVE-2026-33080Shared CWE-80

CVE-2024-13497Shared CWE-80

CVE-2025-53835Shared CWE-80

CVE-2024-56199Shared CWE-80

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0182
iletisim@usom.gov.tr