CVE-2026-35585 | filebrowser File Browser up to 2.63.1 FILE/USERNAME os command injection (ID 5199)

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability, which was classified as critical, has been found in filebrowser File Browser up to 2.63.1. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument FILE/USERNAME results in os command injection.

This vulnerability is cataloged as CVE-2026-35585. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-35585 | filebrowser File Browser up to 2.63.1 FILE/USERNAME os command injection (ID 5199)

Post correlati

CVE-2025-69620 | Chan Moo Chan Song 4.5.7 path traversal (ID 11)

CVE-2025-12955 | delabon Live Sales Notification for Woocommerce Plugin up to 2.3.39 on WordPress Customer Information getOrders authorization

CVE-2025-14364 | Demo Importer Plus Plugin up to 2.0.8 on WordPress Ajax::handle_request authorization

CVE-2025-6417 | PHPGurukul Art Gallery Management System 1.1 /admin/add-artist.php awarddetails sql injection