30 matches found
CVE-2026-46597 affecting package gh for versions less than 2.62.0-16
CVE-2026-46597 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-39829 affecting package gh for versions less than 2.62.0-16
CVE-2026-39829 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-39830 affecting package gh for versions less than 2.62.0-16
CVE-2026-39830 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-39834 affecting package gh for versions less than 2.62.0-16
CVE-2026-39834 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-39821 affecting package gh for versions less than 2.62.0-16
CVE-2026-39821 affecting package gh for versions less than 2.62.0-16. A patched version of the package is available...
CVE-2026-32288 affecting package gh for versions less than 2.62.0-15
CVE-2026-32288 affecting package gh for versions less than 2.62.0-15. A patched version of the package is available...
SUSE CVE-2026-32760
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
CVE-2026-32758
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...
CVE-2026-32761
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges perm.download = false but granted share...
CVE-2026-32760
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
Authorization Bypass Through User-Controlled Key
Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the public share links when they retain share privileges share=true. An attacker can access and exfiltrate file...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the public share links when they retain share privileges share=true. An attacker can access and exfiltrate file contents by creating a public share link for files they are not permitt...
CVE-2026-32760
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
CVE-2026-32761
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges perm.download = false but granted share...
CVE-2026-32761 File Browser has an Authorization Policy Bypass in its Public Share Download Flow
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges perm.download = false but granted share...
CVE-2026-32761 File Browser has an Authorization Policy Bypass in its Public Share Download Flow
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.0 and below contain a permission enforcement bypass which allows users who are denied download privileges perm.download = false but granted share...
CVE-2026-32760
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
CVE-2026-32760 File Browser Self Registration Grants Any User Admin Access When Default Permissions Include Admin
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
CVE-2026-32758
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...
CVE-2025-58190 affecting package gh for versions less than 2.62.0-13
CVE-2025-58190 affecting package gh for versions less than 2.62.0-13. A patched version of the package is available...