CVE-2026-26202 | Penpot up to 2.13.1 RPC Endpoint path traversal (GHSA-xp3f-g8rq-9px2)

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability categorized as critical has been discovered in Penpot up to 2.13.1. This affects an unknown function of the component RPC Endpoint. Such manipulation leads to path traversal.

This vulnerability is referenced as CVE-2026-26202. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-26202 | Penpot up to 2.13.1 RPC Endpoint path traversal (GHSA-xp3f-g8rq-9px2)

Post correlati

CVE-2024-0953 | Mozilla Firefox on iOS QR Code unknown vulnerability

CVE-2025-11668 | code-projects Automated Voting System 1.0 /admin/update_user.php Password sql injection

CVE-2024-39815 | Vonets VGA-1000 up to 3.3.23.6.9 unknown vulnerability (icsa-24-214-08)

CVE-2025-24892 | opf openproject up to 15.2.0 Group Management Section cross site scripting