Tag

CVE-2026-45225

1 brief RSS

Heym Path Traversal Vulnerability in File Upload Endpoint (CVE-2026-45225)

Heym before 0.0.21 is vulnerable to path traversal, allowing authenticated users to write attacker-controlled files to arbitrary locations by exploiting the unvalidated filename parameter in the upload_file() handler (CVE-2026-45225).

Heym +1 path-traversal file-upload CVE-2026-45225

2r 1t 1c 58m ago