Lucene search
K

4 matches found

Cvelist
Cvelist
added yesterday13 views

CVE-2026-14439 Path Traversal in Altium Git Service Allows Remote Code Execution

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4CVSS
Exploits0References1
CVE
CVE
added 2026/06/05 9:1 p.m.32 views

CVE-2026-11429

Summary: CVE-2026-11429 describes a path traversal in the Git Service shared by Altium Enterprise Server and Altium 365. An authenticated user with basic git access can perform post-clone file-manipulation using unvalidated paths to move attacker-controlled content outside the repository, enablin...

10CVSS6.3AI score0.01145EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 9:1 p.m.7 views

CVE-2026-11429 Path Traversal in Altium Git Service Allows Remote Code Execution

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4CVSS6.4AI score0.01145EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 9:1 p.m.32 views

CVE-2026-11429 Path Traversal in Altium Vault ScriptsController Allows Unauthenticated Remote Code Execution

Two endpoints in the Vault Service ScriptsController, shared by Altium Enterprise Server and Altium 365, accept file uploads where a user-supplied filename component is used to construct the destination path without validation, allowing arbitrary files to be written to any location writable by th...

10CVSS0.01145EPSS
Exploits0References1
Rows per page
Query Builder