CVE-2026-21860 | pallets werkzeug up to 3.1.4 windows device name

Inserito da Angelo Barbosa | Gen 8, 2026 | CVE

A vulnerability was found in pallets werkzeug up to 3.1.4. It has been classified as problematic. Impacted is an unknown function. Performing a manipulation results in improper handling of windows device names.

This vulnerability is identified as CVE-2026-21860. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-21860 | pallets werkzeug up to 3.1.4 windows device name

Post correlati

CVE-2024-45696 | D-Link DIR-X4860 A1/COVR-X1870 Telnet Service backdoor

CVE-2025-7646 | Plus Addons for Elementor Plugin up to 6.3.10 on WordPress cross site scripting

CVE-2025-47256 | Libxmp up to 4.6.2 Tracker Module loaders/prowizard/pha.c depack_pha integer underflow (ID 847)

CVE-2024-7214 | TOTOLINK LR350 9.3.5u.6369_B20220309 /cgi-bin/cstecgi.cgi setWanCfg hostName command injection