CVE-2026-32265 | CraftCMS aws-s3 up to 2.2.4 actionLoadBucketData information disclosure (GHSA-hwj7-4vgc-j3v9)

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability marked as problematic has been reported in CraftCMS aws-s3 up to 2.2.4. Affected by this issue is the function actionLoadBucketData. Performing a manipulation results in information disclosure.

This vulnerability is known as CVE-2026-32265. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-32265 | CraftCMS aws-s3 up to 2.2.4 actionLoadBucketData information disclosure (GHSA-hwj7-4vgc-j3v9)

Post correlati

CVE-2024-25912 | MoveTo Plugin up to 6.2 on WordPress Options Update authorization

CVE-2024-57926 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 use after free

CVE-2024-50585 | Numerix License Server Administration System 1.1_596 HTTP POST Request nlslogin.jsp cross site scripting

CVE-2024-8836 | PDF-XChange Editor TIF File Parser out-of-bounds (ZDI-24-1259)