CVE Catalog

CVE-2026-49133

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.34%

26th percentile — higher than 26% of all known CVEs

Summary

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile() with an empty folder argument.

Risk Assessment

This vulnerability allows access to sensitive files, which may lead to data exposure and privacy breaches for the organization.

Recommendation

It is recommended to update Typemill to version 2.24.0 or later to mitigate this vulnerability and review the permissions of users with Author-level access.

Original NVD description (English source)

Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers with Author-level privileges to read arbitrary files outside the content directory by supplying traversal sequences in the path query parameter passed to Storage::getFile() with an empty folder argument. Attackers can bypass traversal-prevention controls in Storage::getFolderPath() to access sensitive files.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS