CVE Catalog

CVE-2026-50869

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile — higher than 16% of all known CVEs

Summary

Version 3.19.0 of Bludit contains a vulnerability in the api/plugin.php component that allows attackers to execute a directory traversal by supplying a crafted request.

Risk Assessment

Attackers may gain access to system files, potentially leading to the exposure of sensitive data or system takeover.

Recommendation

It is recommended to update Bludit to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.

Original NVD description (English source)

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS