CVE-2026-29186 | Backstage up to 1.14.2 unrestricted upload (GHSA-928r-fm4v-mvrw)

Inserito da Angelo Barbosa | Mar 7, 2026 | CVE

A vulnerability classified as critical was found in Backstage up to 1.14.2. The impacted element is an unknown function. Such manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2026-29186. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-29186 | Backstage up to 1.14.2 unrestricted upload (GHSA-928r-fm4v-mvrw)

Post correlati

CVE-2023-51448 | Cacti up to 1.2.25 HTTP GET managers.php selected_graphs_array sql injection (GHSA-w85f-7c4w-7594)

CVE-2025-0289 | Paragon Partition Manager HalReturnToFirmware MappedSystemVa memory corruption

CVE-2024-4753 | WP Secure Maintenance Plugin up to 1.6 on WordPress cross site scripting

CVE-2025-41410 | Mattermost up to 10.5.10/10.10.2/10.11.2 Slack Import authorization