Vulnerabilities

Report: CVE-2026-7182 - Path Traversal in Diagram - Analysis

2026-05-15 0 views admin

CVE ID :CVE-2026-7182 Published : May 15, 2026, 12:31 p.m. | 38 minutes ago Description :Diagram's export module is vulnerable to Path Traversal in src attribute due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated pdf. This issue was fixed in version 1.1.1. Severity: 9.2 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-7182

Severity

CRITICAL

Published

May 15, 2026

Attack Vector: local

Impact: Path Traversal

🏷️ Tags

reporttraversaldiagramanalysispublishedminutesdescriptionexportcvecve-2026-7182

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-7182 - Path Traversal in Diagram - Analysis

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-8669 - Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on

Report: CVE-2026-46333 - ptrace: slightly saner 'get_dumpable()' logic - Full Analysis

Report: CVE-2026-8503 - Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure

Report: CVE-2026-8454 - Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting