Threat Feed

Tag: File-Read

9 briefs
high advisory

Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF

Nodemailer versions up to 9.0.0 are vulnerable to arbitrary local file read and full-response Server-Side Request Forgery (SSRF) when handling untrusted input for the message-level `raw` option, bypassing intended security flags and allowing sensitive content to be exfiltrated via an attacker-controlled recipient.

Nodemailer <= 9.0.0 ssrf file-read nodemailer nodejs javascript supply-chain
high advisory

Portainer Arbitrary File Read via Git Symlink Injection

Portainer is vulnerable to an arbitrary file read vulnerability due to Git symlink injection when deploying stacks from Git repositories, allowing authenticated users to read sensitive files accessible to the Portainer process.

Portainer CE +1 git symlink file-read portainer cve-2026-44881 vulnerability
high advisory

Dalfox Server Mode Unauthenticated Arbitrary File Read

Dalfox server mode is vulnerable to an unauthenticated arbitrary file read with out-of-band exfiltration via the `custom-payload-file` parameter, allowing attackers to read sensitive files on the host.

dalfox/v2 unauthenticated-access file-read ghsa
critical advisory

Everest Forms Plugin Arbitrary File Read and Deletion Vulnerability

The Everest Forms plugin for WordPress is vulnerable to arbitrary file read and deletion, allowing unauthenticated attackers to access sensitive data or cause denial of service by manipulating the 'old_files' parameter in versions up to 3.4.4.

wordpress plugin file-read file-deletion cve-2026-5478
critical advisory

WP Customer Area Plugin Arbitrary File Read and Deletion Vulnerability

The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation, allowing authenticated attackers to read sensitive files or delete critical files leading to potential remote code execution.

wordpress plugin file-read file-deletion rce
high advisory

Unlimited Elements for Elementor WordPress Plugin Arbitrary File Read (CVE-2026-4659)

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to arbitrary file read due to insufficient path traversal sanitization, allowing authenticated attackers to read sensitive files from the WordPress host.

wordpress file-read path-traversal cve-2026-4659
high advisory

HashiCorp go-getter Arbitrary File Read Vulnerability (CVE-2026-4660)

HashiCorp's go-getter library up to v1.8.5 is vulnerable to arbitrary file reads on the file system during certain git operations through a maliciously crafted URL (CVE-2026-4660), potentially allowing attackers to access sensitive information.

cve-2026-4660 file-read go-getter information-disclosure
high advisory

Gotenberg Chromium Deny-List Bypass via Case-Insensitive URL Scheme

Gotenberg versions before 8.29.0 are vulnerable to unauthenticated arbitrary file read: a case-insensitive URL scheme bypasses the Chromium deny-list, so a mixed-case or uppercase scheme such as FILE:///etc/passwd lets attackers read sensitive files such as /etc/passwd, leaking data from the Gotenberg container and bypassing the fix for CVE-2024-21527.

gotenberg file-read vulnerability chromium
critical threat

Weaver E-cology Arbitrary File Read Vulnerability (CVE-2022-50992)

Unauthenticated remote attackers can exploit an arbitrary file read vulnerability (CVE-2022-50992) in Weaver E-cology 9.5 versions prior to 10.52 via the XML-RPC endpoint to access sensitive files.

exploited E-cology 9.5 cve-2022-50992 file-read vulnerability webserver