EUVD-2026-23842

A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulation of the argument pathname results in path traversal. It is possible to initiate the attack...

CVE-2026-6636 p2r3 convert API buildCache.js Bun.serve path traversal

A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulation of the argument pathname results in path traversal. It is possible to initiate the attack...

CVE-2026-6636

A concrete vulnerability exists in the p2r3 convert API component, specifically in Bun.serve within buildCache.js. The issue is a path traversal caused by manipulation of the pathname argument, which can be triggered remotely. Public exploit information is noted. The product uses rolling releases...

PT-2026-33759

A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulation of the argument pathname results in path traversal. It is possible to initiate the attack...

Convert 安全漏洞

Convert is an online file format conversion tool developed by p2r3 individuals. Convert has a security vulnerability, which stems from improper handling of parameters pathname in the component API functions of the buildCache.js file. This could lead to path traversal attacks...