CVE-2026-29909
CVE-2026-29909 affects MRCMS v3.1.2. The /admin/file/list.do endpoint in the file management module is unauthenticated and lacks input validation, enabling remote directory enumeration without credentials. The vulnerability is consistently described across NVD, Red Hat, ENISA EUVD, CVE List, and ...