CVE-2026-32265 | CraftCMS aws-s3 up to 2.2.4 actionLoadBucketData information disclosure (GHSA-hwj7-4vgc-j3v9)

Inserito da Angelo Barbosa | Mar 18, 2026 | CVE

A vulnerability marked as problematic has been reported in CraftCMS aws-s3 up to 2.2.4. Affected by this issue is the function actionLoadBucketData. Performing a manipulation results in information disclosure.

This vulnerability is known as CVE-2026-32265. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-32265 | CraftCMS aws-s3 up to 2.2.4 actionLoadBucketData information disclosure (GHSA-hwj7-4vgc-j3v9)

Post correlati

CVE-2025-56451 | Zhiyuan Collaborative Management Software 7.0 seeyon/main.do topValue cross site scripting

CVE-2025-5988 | Red Hat Ansible Automation Platform 2 cross-site request forgery

CVE-2024-8685 | KUNBUS Revolution Pi 2022-07-28-revpi-buster getFileList.php dir path traversal

CVE-2024-11971 | Guizhou Xiaoma Technology jpress 5.1.2 Avatar upload files cross site scripting