CVE-2026-35393 | patrickhener goshs up to 2.0.0-beta.2 Multipart Upload path traversal (GHSA-jg56-wf8x-qrv5)

Inserito da Angelo Barbosa | Apr 6, 2026 | CVE

A vulnerability described as critical has been identified in patrickhener goshs up to 2.0.0-beta.2. Affected by this vulnerability is an unknown functionality of the component Multipart Upload Handler. Executing a manipulation can lead to path traversal.

This vulnerability is handled as CVE-2026-35393. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-35393 | patrickhener goshs up to 2.0.0-beta.2 Multipart Upload path traversal (GHSA-jg56-wf8x-qrv5)

Post correlati

CVE-2023-51550 | Foxit PDF Reader combobox out-of-bounds (ZDI-23-1864)

CVE-2026-35002 | Agno up to 2.3.23 Parameter eval field_type eval injection

CVE-2024-12581 | britner Gutenberg Blocks with AI Plugin up to 3.2.53 on WordPress Setting cross site scripting

CVE-2026-3794 | doramart DoraCMS 3.0.x Email API /api/v1/mail/send improper authentication