CVE-2026-5638

HerikLyma CPPWebFramework path traversal

CVSS 6.9 MEDIUMEPSS 0.5%CWE-22

A vulnerability was detected in HerikLyma CPPWebFramework up to 3.1. This issue affects some unknown processing. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Productos afectados

HerikLyma · CPPWebFramework

PoCs públicas encontradas — 1

cve_referencegithub.com/HerikLyma/CPPWebFramework/issues/40#issue-4118436068no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/HerikLyma/CPPWebFramework/https://github.com/HerikLyma/CPPWebFramework/issues/40 https://github.com/HerikLyma/CPPWebFramework/issues/40#issue-4118436068 https://vuldb.com/submit/785952 https://vuldb.com/vuln/355426 https://vuldb.com/vuln/355426/cti