CVE-2026-33645 Fireshare has Path Traversal Arbitrary File Write in `/api/uploadChunked`

Fireshare facilitates self-hosted media and link sharing. In version 1.5.1, an authenticated path traversal vulnerability in Fireshare’s chunked upload endpoint allows an attacker to write arbitrary files outside the intended upload directory. The checkSum multipart field is used directly in...