CVE-2026-45225 | heymrun heym up to 0.0.20 File Upload Endpoint upload_file path traversal

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability labeled as critical has been found in heymrun heym up to 0.0.20. This issue affects the function upload_file of the component File Upload Endpoint. Such manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-45225. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-45225 | heymrun heym up to 0.0.20 File Upload Endpoint upload_file path traversal

Post correlati

CVE-2024-12232 | code-projects Simple CRUD Functionality 1.0 /index.php newtitle/newdescr cross site scripting

CVE-2023-38299 | AT&T/Nokia Devices information disclosure

CVE-2026-32129 | stellar rs-soroban-poseidon up to 25.0.0 weak hash

CVE-2025-38527 | Linux Kernel up to 6.1.146/6.6.99/6.12.39/6.15.7 smb cifs_oplock_break use after free