CVE-2025-31134
FreshRSS vulnerable before version 1.26.2 due to a directory existence check (ext.php related) that can disclose server information. An attacker could infer presence of older PHP versions or other installed software, aiding further targeted actions. Version 1.26.2 fixes the issue with a patch. Th...