CVE ID :CVE-2026-40040 Published : April 13, 2026, 7:16 p.m. | 32 minutes ago Description :Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute them to achieve remote code execution on the server. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...