Lucene search
K

5 matches found

OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5458 File Browser has incorrect access control for public directory shares via rule path rebasing in github.com/filebrowser/filebrowser

File Browser has incorrect access control for public directory shares via rule path rebasing in github.com/filebrowser/filebrowser...

7.5CVSS5.8AI score0.00471EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 5:43 p.m.28 views

CVE-2026-54091 File Browser: Incorrect access control in public directory shares via rule path rebasing

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths agains...

7.5CVSS0.00471EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 5:43 p.m.31 views

CVE-2026-54091

CVE-2026-54091 : File Browser public shares allow information disclosure due to incorrect access control when rebasing the owner’s filesystem root for public share paths. Before 2.63.6, the public share handler sets d.user.Fs to a BasePathFs rooted at the shared directory and then checks access w...

7.5CVSS5.9AI score0.00471EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 9:53 p.m.7 views

GHSA-J9JX-HP4C-GHHH File Browser has incorrect access control for public directory shares via rule path rebasing

Summary File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths against the owner's global and per-user rules using the rebased relative path instead of the original path relative to the owner's scope. As a result, a...

7.5CVSS5.6AI score0.00471EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/12 9:53 p.m.12 views

File Browser has incorrect access control for public directory shares via rule path rebasing

Summary File Browser's public share handlers rebase the share owner's filesystem root to the shared directory and then evaluate descendant paths against the owner's global and per-user rules using the rebased relative path instead of the original path relative to the owner's scope. As a result, a...

7.5CVSS5.5AI score0.00471EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder