Avid NEXIS Agent - Arbitrary File Read

Avid NEXIS E-series, F-series, PRO+, and System Director Appliance SDA+ before 2025.5.1 contain an unauthenticated arbitrary file read caused by improper validation of the filename parameter, letting unauthenticated attackers read sensitive files, exploit requires no authentication. id:...

Astra Linux - уязвимость в squashfs-tools

In Squashfs-Tools 4.5, the squashfsopendir variable in unsquash-1.c stores the filename within the directory entry. This filename is then used by unsquashfs to create the new file during the unsquash process. The filename is not validated for traversal outside of the destination directory, allowi...

CVE-2026-45225

CVE-2026-45225 affects Heym before 0.0.21. A path traversal flaw in the file upload endpoint (upload_file()) allows authenticated users to write attacker-controlled files to arbitrary locations by using traversal sequences in the filename. The vulnerability stems from an unvalidated filename para...

EUVD-2026-29428

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

CVE-2026-25789

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

CVE-2026-25789

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

CVE-2026-25789

Technical details about CVE-2026-25789 are not publicly available in the provided documents. Monitor for updates from Siemens and CVE records.

CVE-2026-25789

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

PT-2026-39986

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

CLSA-2026-1778237316 libssh: Fix of CVE-2026-0964

CVE-2026-0964: reject invalid filenames in sshscppullrequest to prevent path traversal via SCP...

GHSA-FRQ9-7J6G-V74X Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints

Impact The client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize filenames. An attacker could craft filenames to escape the intended storage location. Consumers are affected if ALL of these are true: - Payload version v3.78.0 - Using client-upload signed-URL...

Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints

Impact The client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize filenames. An attacker could craft filenames to escape the intended storage location. Consumers are affected if ALL of these are true: - Payload version v3.78.0 - Using client-upload signed-URL...

CVE-2026-34750 Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints

Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...

CVE-2026-34750

Payload CMS is affected by CVE-2026-34750 due to improper sanitization of filenames in client-upload signed-URL endpoints for storage backends (storage-azure, storage-gcs, storage-r2, storage-s3) prior to version 3.78.0. An attacker could craft filenames to escape the intended storage location. A...

CVE-2026-33071

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...

CVE-2026-33071 FileRise: WebDAV upload path bypasses filename validation enforced by regular uploads

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...

CVE-2026-33071 FileRise: WebDAV upload path bypasses filename validation enforced by regular uploads

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...

CVE-2026-33071 FileRise: WebDAV upload path bypasses filename validation enforced by regular uploads

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...

EUVD-2026-13641

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...

FileRise 安全漏洞

FileRise is a lightweight, self-hosted web-based file manager developed by Ryan. Versions of FileRise prior to 3.8.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient filename validation at the WebDAV upload endpoint, which could lead to remote code execution...