dash-uploader 0.1.0 - 0.7.0a2 - Denial-of-Service via flowTotalChunks
fohrloop dash-uploader v0.1.0 through v0.7.0a2 contains a remote code execution caused by improper handling in Upload function and maxfilesize parameter in dashuploader components, letting remote attackers execute arbitrary code, exploit requires crafted request. id: CVE-2026-38361 info: name:...