CVE-2026-27636 | freescout-help-desk freescout up to 1.8.205 app/Misc/Helper.php unrestricted upload (GHSA-6gcm-v8xf-j9v9)

Inserito da Angelo Barbosa | Feb 25, 2026 | CVE

A vulnerability marked as critical has been reported in freescout-help-desk freescout up to 1.8.205. Affected is an unknown function of the file app/Misc/Helper.php. The manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2026-27636. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-27636 | freescout-help-desk freescout up to 1.8.205 app/Misc/Helper.php unrestricted upload (GHSA-6gcm-v8xf-j9v9)

Post correlati

CVE-2024-6332 | Booking for Appointments and Events Calendar Plugin authorization

CVE-2025-11529 | ChurchCRM up to 5.18.0 API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

CVE-2025-22558 | Marcus C. J. Hartmann mcjh Button Shortcode Plugin up to 1.6.4 on WordPress cross site scripting

CVE-2023-39998 | Muffingroup Betheme Plugin up to 27.1.1 on WordPress authorization