2 matches found
CVE-2026-45225
creationtimestamp| type| source ---|---|--- 2026-05-13 03:46:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlpfcs6lej2z...
CVE-2026-45225
Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary locations by supplying a crafted filename with traversal sequences. Attackers can exploit the unvalidated filename parameter in th...