CYBERHAWK / CVE / CVE-2026-25559

CVE-2026-25559

HIGH CVSS 8.8 other

The flaw

OpenBullet2 through version 0.3.2 contains a path traversal vulnerability in the wordlist endpoint that allows authenticated attackers to perform arbitrary file read, write, and delete operations by supplying unsanitized absolute paths to t

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-25559

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

In the news

One Empty Header to Admin: How an Auth Bypass Breaks OpenBullet2HackerNoon · 2026-06-06

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits