NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-49103

Summary	Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi.
Publication Date	May 28, 2026, 12:16 a.m.
Registration Date	May 28, 2026, 4:14 a.m.
Last Update	May 28, 2026, 12:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/webmin/webmin/commit/cf432879a14568c4bb44cd2f9e5a9bd0e168edc1	cve@mitre.org
2	https://github.com/webmin/webmin/compare/2.630...2.640	cve@mitre.org

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-24	パストラバーサル (../filedir)	https://cwe.mitre.org/data/definitions/24.html