Tag

CVE-2026-37709

1 brief RSS

Snipe-IT File Upload Vulnerability Leads to Remote Code Execution (CVE-2026-37709)

Snipe-IT versions prior to 8.4.1 are vulnerable to remote code execution due to insecure permissions on file uploads, where an attacker can upload arbitrary files and execute code on the server.

snipe-it remote code execution file upload insecure permissions asset management CVE-2026-37709

2r 1t 1c 1h ago