2 matches found
CVE-2026-53779
creationtimestamp| type| source ---|---|--- 2026-06-22 19:56:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3movo7mmm4k2q...
CVE-2026-53779
WebP Server Go 0.14.4 is affected by a path traversal flaw on Windows. Attackers can exploit percent-encoded backslashes (%5C) to bypass path.Clean() in handler/router.go, taking advantage of Go’s forward-slash normalization vs Windows path APIs to read files outside IMG_PATH. CVE records indicat...