High CVE-2026-11416 MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concatenating the configured download directory with a filename taken directly from remote cloud API metadata...

#Sicherheitslücke #Cloud

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

[High] CVE-2026-11416 – MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclo...

VERWANDTEARTIKEL

CVE-2026-7654 - Admin Columns <= 7.0.18 - Authenticated (Contributor+) PHP Object Injection to Remote Code Execution via Custom Field Meta Value

[High] CVE-2026-11424 – A server-side request forgery (SSRF) vulnerability exists in a GraphQL service c...

[Critical] CVE-2026-11429 – A path traversal vulnerability exists in the Git Service component shared by Alt...

[High] CVE-2026-11431 – A path traversal vulnerability exists in the Projects Service download endpoint ...

CVE-2026-11416 - MoviePilot Path Traversal via Cloud Storage Download Handlers

CVE-2026-11424 - Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure