CVE-2026-43940 | electerm up to 3.7.15 ftp runWidget path traversal

Inserito da Angelo Barbosa | Mag 8, 2026 | CVE

A vulnerability categorized as critical has been discovered in electerm up to 3.7.15. The impacted element is the function runWidget of the file terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp. Such manipulation leads to path traversal.

This vulnerability is documented as CVE-2026-43940. The attack needs to be performed locally. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-43940 | electerm up to 3.7.15 ftp runWidget path traversal

Post correlati

CVE-2024-13457 | theeventscalendar Event Tickets and Registration Plugin up to 5.18.1 on WordPress Object Reference tc-order-id access control

CVE-2024-1815 | Spectra Plugin up to 2.12.8 on WordPress Image Gallery cross site scripting

CVE-2024-56372 | Linux Kernel up to 6.6.67/6.12.6 net/core/skbuff.c tun_napi_alloc_frags denial of service

CVE-2024-51330 | Ultimaker Cura up to 4.41/5.8.1 Inter-Process Communication stack-based overflow