CVE-2026-32268 | CraftCMS azure-blob up to 2.1.0 actionLoadContainerData authorization (GHSA-q6fm-p73f-x862)

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability described as problematic has been identified in CraftCMS azure-blob up to 2.1.0. This affects the function actionLoadContainerData. Executing a manipulation can lead to missing authorization.

This vulnerability is handled as CVE-2026-32268. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-32268 | CraftCMS azure-blob up to 2.1.0 actionLoadContainerData authorization (GHSA-q6fm-p73f-x862)

Post correlati

CVE-2024-7849 | D-Link DNS-1550-04 up to 20240814 photocenter_mgr.cgi cgi_create_album current_path buffer overflow (SAP10383)

CVE-2024-34817 | CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms Plugin cross-site request forgery

CVE-2024-52438 | deco.agency de:branding Plugin up to 1.0.2 on WordPress missing authentication

CVE-2024-49669 | Alexander De Ridder INK Official Plugin up to 4.1.2 on WordPress unrestricted upload