Lucene search
K

The vulnerability of the Active Storage component of the Ruby on Rails software framework allows attackers to execute arbitrary code.

🗓️ 01 Jul 2026 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 2 Views

Active Storage in Ruby on Rails allows remote code execution due to insufficient recipient intent checks.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator
16 Apr 202621:24
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in IBM Aspera Faspex
16 Apr 202622:34
ibm
ATTACKERKB
CVE-2026-33173
23 Mar 202623:21
attackerkb
Chainguard
CVE-2026-33173 vulnerabilities
25 Mar 202607:23
cgr
Circl
CVE-2026-33173
24 Mar 202600:03
circl
CNNVD
Rails 安全漏洞
23 Mar 202600:00
cnnvd
CVE
CVE-2026-33173
23 Mar 202623:21
cve
Cvelist
CVE-2026-33173 Rails Active Storage has possible content type bypass via metadata in direct uploads
23 Mar 202623:21
cvelist
Debian CVE
CVE-2026-33173
23 Mar 202623:21
debiancve
EUVD
EUVD-2026-14626
23 Mar 202620:54
euvd
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2026 00:00Current
6.1Medium risk
Vulners AI Score6.1
CVSS 25
CVSS 35.3
EPSS0.0039
2