CVE-2026-4591 | kalcaddle kodbox 1.64 fileThumb Endpoint app.php checkBin os command injection

Inserito da Angelo Barbosa | Mar 22, 2026 | CVE

A vulnerability was found in kalcaddle kodbox 1.64 and classified as critical. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing a manipulation can lead to os command injection.

This vulnerability is handled as CVE-2026-4591. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4591 | kalcaddle kodbox 1.64 fileThumb Endpoint app.php checkBin os command injection

Post correlati

CVE-2024-33881 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 UNC Share Pathname Download.ashx path information disclosure

CVE-2024-6090 | gaizhenbiao ChuanhuChatGPT up to 20240410 resource consumption

CVE-2024-4939 | wpweaver Weaver Xtreme Theme Support Plugin up to 6.4 on WordPress cross site scripting

CVE-2024-46908 | Progress WhatsUp Gold up to 2024.0.0 sql injection