CVE-2026-34528
CVE-2026-34528 — File Browser : Multiple sources confirm that prior to version 2.62.2, the signupHandler copies all default permissions and only strips Admin, leaving Execute and Commands intact. If signup is enabled and Execute=true with default commands, an unauthenticated self-registered user ...