CVE-2026-57856 - Cockpit CMS Path Traversal via Bucket Name in Bucket File Storage API
CVE ID :CVE-2026-57856 Published : July 13, 2026, 11:16 p.m. | 1 hour, 17 minutes ago Description :Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with...