NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-43872

Summary	Actual is an open-source personal finance application. Prior to version 26.5.0, several endpoints are affected by a path traversal vulnerability. Version 26.5.0 fixes the issue.
Publication Date	June 13, 2026, 5:16 a.m.
Registration Date	June 14, 2026, 4:11 a.m.
Last Update	June 13, 2026, 5:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://actualbudget.org/blog/release-26.5.0	security-advisories@github.com
2	https://github.com/actualbudget/actual/security/advisories/GHSA-4wf8-vhhr-4gpv	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-22	パス・トラバーサル	https://cwe.mitre.org/data/definitions/22.html