CVE-2026-35023 | Cloud Solutions SAS Wimi Teamwork up to 8.1.x Image Preview preview.php item_id authorization

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability classified as problematic was found in Cloud Solutions SAS Wimi Teamwork up to 8.1.x. The affected element is an unknown function of the file preview.php of the component Image Preview Handler. Executing a manipulation of the argument item_id can lead to authorization bypass.

This vulnerability is registered as CVE-2026-35023. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-35023 | Cloud Solutions SAS Wimi Teamwork up to 8.1.x Image Preview preview.php item_id authorization

Post correlati

CVE-2025-54670 | oik Plugin up to 4.15.2 on WordPress cross site scripting

CVE-2025-56815 | Datart 1.0.0-rc.3 /viz/image MultipartFile.transferTo path traversal

CVE-2025-22699 | Traveler Code Plugin up to 3.1.0 on WordPress sql injection

CVE-2024-50057 | Linux Kernel up to 6.6.56/6.11.3 kernel/irq/devres.c devm_free_irq use after free (b72bf5cade51/4d4b23c11954/db63d9868f7f)