CVE Catalog
CVE-2026-40748
CriticalCVSS 9.9Summary
In Kids Gift Shop versions <= 0.5.4, there is a vulnerability allowing arbitrary file uploads by subscribers.
Risk Assessment
An attacker could exploit this vulnerability to upload malicious files, potentially compromising the system.
Recommendation
It is recommended to upgrade to the latest version of the application to mitigate this vulnerability.
Original NVD description (English source)
Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions.

