CVE Catalog
CVE-2026-50891
HighCVSS 8.1Exploitation Probability (EPSS)
Low risk0.18%
8th percentile - higher than 8% of all known CVEs
Summary
Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request.
Risk Assessment
The organization may be exposed to unauthorized access to sensitive administrative functions, potentially leading to serious security breaches.
Recommendation
It is recommended to update Filestash to the latest version to mitigate this vulnerability and review access policies for administrative components.
Original NVD description (English source)
Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request.

