CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

523 matches found

Github Security Blog•added 2026/06/12 10:52 p.m.•19 views

File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

6AI score0.00219EPSS

Exploits0References3Affected Software1

OSV•added 2026/06/12 10:52 p.m.•7 views

GHSA-8C9Q-7855-WFXQ File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection

8.7CVSS6.1AI score0.00219EPSS

Exploits0References3

OSV•added 2026/06/12 9:53 p.m.•6 views

GHSA-GXJX-7M74-HCQ8 File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames

Summary filebrowser builds the download-as-zip / download-as-tar archive entry names with filepath.ToSlash, which on a Linux host is a no-op for backslashes \ is only a path separator on Windows. A file whose name contains Windows-style traversal ......\evil.txt is accepted by the resource...

6.2CVSS5.7AI score0.00046EPSS

Exploits0References4

OSV•added 2026/06/12 9:53 p.m.•8 views

GHSA-239W-M3H6-CH8V File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope

Summary File Browser enforces per-user scope with afero.NewBasePathFsafero.NewOsFs, scope, set up in users/users.go. This blocks lexical ../ traversal, but it does not stop the HTTP file handlers from following symbolic links before they open, serve, write, share, or list a file. As a result, a...

6.8CVSS5.2AI score0.00028EPSS

Exploits0References4

OSV•added 2026/06/12 9:51 p.m.•5 views

GHSA-W5FM-68J4-FPC4 File Browser has a DoS Vulnerability via Public Login API

Summary Unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after testing, crashes, heavily lags any container created, and has even made my docker daemon start to send errors with status code 500 even after the...

8.7CVSS5.3AI score0.00061EPSS

Exploits0References4

OSV•added 2026/06/12 9:7 p.m.•5 views

GHSA-3Q2P-72CJ-682C File Browser: Improper Access Control Occurs via Pre-Created Public Share for a Non-existent Path

Summary This is similar vulnrability of CVE-2026-0035, which was fixed in Android MediaProvider with high severity. In the original Java issue, MediaStore.createWriteRequest accepted attacker-controlled URIs and created a future grant even when the referenced media item did not exist yet. The...

7.1CVSS5.6AI score0.00029EPSS

Exploits0References4

OSV•added 2026/06/12 9:0 p.m.•10 views

GHSA-5WW9-JG6Q-38R7 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix

Summary A low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link records belonging to any other user — including the administrator — by performing a legitimate DELETE on a file in their own directory whose...

7.2CVSS5.5AI score0.00029EPSS

Exploits0References4

Circl•added 2026/06/06 5:55 a.m.•8 views

CVE-2026-54091

creationtimestamp| type| source ---|---|--- 2026-06-06 05:55:29+00:00| published-proof-of-concept| https://github.com/filebrowser/filebrowser/security/advisories/GHSA-j9jx-hp4c-ghhh...

4.9AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:25 p.m.•6 views

CVE-2026-44371

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...

5.3CVSS5.5AI score0.00262EPSS

Exploits0References1

Circl•added 2026/06/04 5:54 a.m.•5 views

CVE-2026-54096

creationtimestamp| type| source ---|---|--- 2026-06-04 05:54:39+00:00| published-proof-of-concept| https://github.com/filebrowser/filebrowser/security/advisories/GHSA-3q2p-72cj-682c...

4.9AI score0.00029EPSS

Exploits0References1

Circl•added 2026/06/03 8:7 a.m.•5 views

CVE-2026-54090

creationtimestamp| type| source ---|---|--- 2026-06-03 08:07:50+00:00| published-proof-of-concept| https://github.com/filebrowser/filebrowser/security/advisories/GHSA-8c9q-7855-wfxq...

4.9AI score0.00219EPSS

Exploits0References1

OSV•added 2026/05/19 8:14 p.m.•5 views

GHSA-3JMG-P96M-M328 FileBrowser Quantum: unauthenticated user share share info

Impact Some sensitive info -- such as source and path can get exposed. Patches Update to the latest version Workarounds no...

8.7CVSS5.8AI score0.00052EPSS

Exploits0References3

ATTACKERKB•added 2026/05/14 5:7 p.m.•5 views

CVE-2026-44542

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...

9.1CVSS5.9AI score0.00523EPSS

Exploits1References2Affected Software1

NVD•added 2026/05/14 3:16 p.m.•12 views

CVE-2026-44371

5.3CVSS0.00262EPSS

Exploits0References1

CVE•added 2026/05/14 3:2 p.m.•15 views

CVE-2026-44371

Open OnDemand (HPC portal) is affected prior to versions 4.0.11, 4.1.5, and 4.2.2. The issue allows specially crafted filenames to execute JavaScript in the file browser. The vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2. Impact is web/application-level, with JavaScript execution in the file...

5.3CVSS5.9AI score0.00262EPSS

Exploits0References1