CVE-2026-38993 | Cockpit up to 2.13.5 Buckets path traversal

Inserito da Angelo Barbosa | Apr 29, 2026 | CVE

A vulnerability was found in Cockpit up to 2.13.5. It has been classified as critical. The impacted element is an unknown function of the component Buckets. This manipulation causes path traversal.

The identification of this vulnerability is CVE-2026-38993. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-38993 | Cockpit up to 2.13.5 Buckets path traversal

Post correlati

CVE-2025-7343 | Digiwin SFT up to 3.7.12 sql injection

CVE-2025-14568 | haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0 model/User.php employee_id/id/admin sql injection

CVE-2025-22143 | LabRedesCefetRJ WeGIA up to 3.2.7 listar_permissoes.php msg_e cross site scripting (GHSA-gxh2-8jxp-m59h)

CVE-2025-4188 | Advanced Reorder Image Text Slider Plugin up to 1.0 on WordPress Setting cross-site request forgery