SUSE CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

GO-2026-4713 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely in github.com/filebrowser/filebrowser

File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely in github.com/filebrowser/filebrowser...

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

File Browser 输入验证错误漏洞

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser 2.61.2 and earlier contained a vulnerability related to input validation errors. This...

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

CVE-2026-32759

File Browser CVE-2026-32759 affects versions 2.61.2 and earlier with a faulty TUS upload handler: Upload-Length is parsed as signed 64-bit without non-negative validation, allowing an authenticated user to supply a negative value that completes uploads on the first PATCH. This can trigger after_u...

Integer Overflow or Wraparound

Overview github.com/filebrowser/filebrowser/v2/http is a web file browser. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getUploadLength function. An attacker can repeatedly trigger post-upload hooks with arbitrary filenames and empty file contents by...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getUploadLength function. An attacker can repeatedly trigger post-upload hooks with arbitrary filenames and empty file contents by supplying a negative value in the Upload-Length header during a TU...

GHSA-FFX7-75GC-JG7C File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

PT-2026-25857

Name of the Vulnerable Software and Affected Versions File Browser versions 2.61.2 and below Description File Browser has a flaw in its handling of TUS resumable uploads. The software parses the 'Upload-Length' header as a signed 64-bit integer without verifying that the value is non-negative. Th...

PT-2022-24914 · Microsoft · Azure Rtos Usbx

Name of the Vulnerable Software and Affected Versions: Azure RTOS USBX versions prior to 6.1.12 Description: The USB DFU UPLOAD functionality in Azure RTOS USBX may be utilized to introduce a buffer overflow, resulting in the overwrite of memory contents. In particular cases, this may allow an...