Vulnerabilities

Report: CVE-2026-7676 - kerwincui FastBee Tool Download Endpoint ToolController.java ToolController.downl

2026-05-03 0 views admin

CVE ID :CVE-2026-7676 Published : May 3, 2026, 5:15 a.m. | 35 minutes ago Description :A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/controller/ToolController.java of the component Tool Download Endpoint. The manipulation of the argument fileName results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-7676

Severity

MEDIUM

Published

May 3, 2026

Affected Product: java

Impact: path traversal

🏷️ Tags

reportkerwincuifastbeedownloadendpointtoolcontrollerdownlpublishedcvecve-2026-7676

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-7676 - kerwincui FastBee Tool Download Endpoint ToolController.java ToolController.downl

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-7682 - Edimax BR-6208AC L2TP Mode setWAN command injection - Complete Guide

Report: CVE-2026-5337 - Frontend File Manager Plugin <= 23.6 - subscriber+ arbitrary download access via

Report: Ultimate Guide: CVE-2026-7685 - Edimax BR-6208AC setWAN buffer overflow

Report: Latest: CVE-2026-7684 - Edimax BR-6428nC setWAN buffer overflow

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting