CVE-2026-44884 | portainer Community Edition up to 2.33.7/2.39.0 Custom Template File Endpoint file authorization (GHSA-cqpq-2fgr-8mvc)

Inserito da Angelo Barbosa | Mag 29, 2026 | CVE

A vulnerability classified as problematic was found in portainer Community Edition up to 2.33.7/2.39.0. This affects an unknown function of the file /api/custom_templates/{id}/file of the component Custom Template File Endpoint. The manipulation results in missing authorization.

This vulnerability is reported as CVE-2026-44884. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-44884 | portainer Community Edition up to 2.33.7/2.39.0 Custom Template File Endpoint file authorization (GHSA-cqpq-2fgr-8mvc)

Post correlati

CVE-2026-0590 | code-projects Online Product Reservation System 1.0 POST Parameter /app/checkout/delete.php ID sql injection

CVE-2024-2030 | Database for Contact Form 7, WPforms, Elementor Forms Shortcode cross site scripting

CVE-2023-6581 | D-Link DAR-7000 up to 20231126 /user/inc/workidajax.php id sql injection

CVE-2024-4904 | Byzoro Smart S200 Management Platform userattestation.php web_img unrestricted upload