CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package

Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...

Snuffleupagus 安全漏洞

Snuffleupagus is a security module by Julien Voisin Personal Developer. A security vulnerability exists in Snuffleupagus versions prior to 0.13.0, which stems from a misconfiguration of the upload validation feature that could result in files in multipart POST requests being evaluated as PHP code...