CVE-2026-39345 | OrangeHRM up to 5.8.0 Email Template path traversal

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in OrangeHRM up to 5.8.0. It has been classified as critical. Impacted is an unknown function of the component Email Template Handler. Performing a manipulation results in path traversal.

This vulnerability is cataloged as CVE-2026-39345. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-39345 | OrangeHRM up to 5.8.0 Email Template path traversal

Post correlati

CVE-2023-7035 | automad up to 1.10.9 Setting post.php sitename cross site scripting

CVE-2024-58263 | CosmWasm cosmwasm-std Crate up to 1.4.3/1.5.3/2.0.1 on Rust integer overflow (RUSTSEC-2024-0338)

CVE-2025-27237 | Zabbix Agent up to 6.0.40/7.0.17/7.2.11/7.4.1 on Windows OpenSSL Configuration File uncontrolled search path

CVE-2024-8548 | cagdasdag KB Support Plugin up to 1.6.6 on WordPress authorization