EUVD-2026-2000

🗓️ 13 Jan 2026 19:15:13Reported by EUVDType

Gin-vue-admin up to v2.8.7 has path traversal in breakpoint resume upload enabling arbitrary file writes.

Reporter	Title	Published	Views	Family All 16
Circl	CVE-2026-22786	11 Jan 202614:44	–	circl
CNNVD	Gin-vue-admin 代码问题漏洞	12 Jan 202600:00	–	cnnvd
CVE	CVE-2026-22786	12 Jan 202621:09	–	cve
Cvelist	CVE-2026-22786 Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal	12 Jan 202621:09	–	cvelist
Github Security Blog	Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal	13 Jan 202619:15	–	github
NVD	CVE-2026-22786	12 Jan 202622:16	–	nvd
OSV	CVE-2026-22786 Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal	12 Jan 202621:09	–	osv
OSV	GHSA-3558-J79F-VVM6 Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal	13 Jan 202619:15	–	osv
OSV	GO-2026-4313 Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal in github.com/flipped-aurora/gin-vue-admin	23 Jan 202602:28	–	osv
OSV	SUSE-SU-2026:0292-1 Security update for govulncheck-vulndb	26 Jan 202611:11	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "ed0e5390-d7fa-3444-b9c0-1f01c26e2f33",
        "vendor": {
          "name": "flipped-aurora"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "826c8e57-f2ca-3211-b110-aeef59bb22d6",
        "product": {
          "name": "gin-vue-admin"
        },
        "product_version": "≤ 2.8.7"
      }
    ]
  }
]

Source	Link
github	www.github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-3558-j79f-vvm6
github	www.github.com/flipped-aurora/gin-vue-admin/commit/2242f5d6e133e96d1b359ac019bf54fa0e975dd5
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-22786

13 Jan 2026 19:15Current

6.7Medium risk

Vulners AI Score6.7

CVSS 48.6

EPSS0.00655

SSVC