CyberRota
← Ana sayfaya dön

CVE-2026-25559

HIGH · CVSS 8.8 EPSS %0.57 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-08T17:16:41.237 · Çekilme zamanı: 2026-06-30T12:12:56.091149+00:00

CyberRota Yorumu

Uzaktan istismar edilebilir olabilir.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
remote code execution code execution

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-25559
Severity
HIGH
CVSS
8.8
EPSS
%0.57

Orijinal NVD Açıklaması

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to the upload handler and wordlist functions. Attackers can chain the file write and delete primitives to achieve remote code execution by manipulating critical system files such as /etc/passwd, with full system impact since the application runs as root by default.