CyberRota
← Ana sayfaya dön

CVE-2026-54096

HIGH · CVSS 8.4 EPSS %0.18 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-25T19:16:41.620 · Çekilme zamanı: 2026-06-30T18:34:23.042524+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-54096
Severity
HIGH
CVSS
8.4
EPSS
%0.18

Orijinal NVD Açıklaması

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.7, `POST /api/share/<path>` accepts an authenticated request for an arbitrary path and stores a public share record without checking whether the target file currently exists. Later, when a file is created at that same path, the previously created public share immediately becomes valid and exposes the new file through `GET /api/public/dl/<hash>`. This vulnerability is fixed in 2.63.7.