CVE ID :CVE-2026-48616 Published : June 16, 2026, 11:08 p.m. | 4 hours ago Description :Rocket.Chat versions <8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, 7.13.9, 7.10.13 has an access control vulnerability in Livechat files. Protected file downloads at /file-upload/:fileId/:name authorize...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-48616 - Rocket.Chat Livechat File Access Control Bypass

VERWANDTEARTIKEL

UNC3753 Uses Screen-Sharing Sessions and RMM Tools to Exfiltrate Sensitive Legal Data

CVE-2026-48788 - Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing

CISA warnt vor aktiv ausgenutzter cPanel-Schwachstelle in LiteSpeed-Plugin

CVE-2026-48745 - Traccar Client: silent configuration hijack via unverified deep link redirects all GPS telemetry

CVE-2026-48781 - Postiz has cross-tenant SUPERADMIN takeover via Skool-provider JWT forgery

CVE-2026-25470 - WordPress ACPT (Pro) - Custom Post Types plugin for WordPress plugin <= 2.0.47 - Remote Code Execution (RCE) vulnerability