CVE-2024-26291 | Avid NEXIS E-series prior 2025.5.1 on Linux/Windows filename improper authorization

Inserito da Angelo Barbosa | Lug 14, 2025 | CVE

A vulnerability was found in Avid NEXIS E-series, NEXIS F-series, NEXIS PRO+ and System Director Appliance on Linux/Windows. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument filename leads to improper authorization.

This vulnerability was named CVE-2024-26291. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-26291 | Avid NEXIS E-series prior 2025.5.1 on Linux/Windows filename improper authorization

Post correlati

CVE-2024-51448 | IBM Robotic Process Automation up to 21.0.7.17/23.0.18 nssm.exe insecure inherited permissions

CVE-2025-26770 | Joe Waymark Plugin up to 1.5.0 on WordPress cross site scripting

CVE-2024-0619 | Payflex Payment Gateway Plugin up to 2.5.0 on WordPress Order Status Update authorization

CVE-2023-40390 | Apple macOS up to 14.1 Location information disclosure