CVE-2026-7086 | HBAI-Ltd Toonflow-app up to 1.1.1 Storyboard Export replaceUrl.ts updateStoryboardUrl url path traversal (Issue 97)

A vulnerability classified as critical was found in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. Such manipulation of the argument url leads to path traversal.

This vulnerability is referenced as CVE-2026-7086. It is possible to launch the attack remotely. Furthermore, an exploit is available.

It is still unclear if this vulnerability genuinely exists.

The vendor explains in a reply to the issue report, that “[t]he URL of this interface is designed to only be a local address or a trusted domain address configured in docker, and will not contain malicious links, unless the user modifies the code causing unexpected situations.”

CVE-2026-7086 | HBAI-Ltd Toonflow-app up to 1.1.1 Storyboard Export replaceUrl.ts updateStoryboardUrl url path traversal (Issue 97)

Post correlati

CVE-2025-27649 | Vasion Print Virtual Appliance Host access control

CVE-2025-7499 | BetterDocs Plugin up to 4.1.1 on WordPress get_response authorization

CVE-2024-54116 | Huawei HarmonyOS 5.0.0 M3U8 Module unusual condition

CVE-2026-41456 | Bludit up to 3.20 URL cross site scripting (6732dde)