CVE-2026-22679 in Weaver E-cology 10.0 is a CISA KEV-listed unauthenticated RCE (CVSS 9.8) exploitable via an exposed Dubbo debug endpoint requiring no credentials and no user interaction, with confirmed in-the-wild exploitation as of 2026-03-31. The specific vulnerable endpoint (/papi/esearch/data/devops/dubboApi/debug/method) should be blocked immediately via WAF or network ACL, and affected systems should be upgraded to build 20260312 or later per Weaver’s official update channel. Any E-cology server that was internet-accessible prior to patching should be treated as potentially compromised and investigated for webshell deployment or persistence mechanisms.