CVE-2026-13165 | Krajowa Izba Rozliczeniowa SzafirHost up to 1.2.1 JarFile Parser unrestricted upload

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability described as critical has been identified in Krajowa Izba Rozliczeniowa SzafirHost up to 1.2.1. This affects an unknown function of the component JarFile Parser. Such manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2026-13165. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-13165 | Krajowa Izba Rozliczeniowa SzafirHost up to 1.2.1 JarFile Parser unrestricted upload

Post correlati

CVE-2023-7002 | Backup Migration Plugin up to 1.3.9 on WordPress URL os command injection

CVE-2024-24160 | MRCMS 3.0 saveinfo.do cross site scripting

CVE-2026-56348 | n8n-io n8n up to 2.19.x options server-side request forgery (GHSA-3875-8gcx-7v46)

CVE-2023-50461 | Ivan Kartolo Direct Mail Extension on TYPO3 Configuration injection