CVE-2026-8464
HighCVSS 8.3Exploitation Probability (EPSS)
Low risk7th percentile - higher than 7% of all known CVEs
Summary
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. An attacker in the same local network can read arbitrary files from the server's operating system by manipulating HTTP request paths.
Risk Assessment
This vulnerability may lead to the disclosure of sensitive data from the server, posing a serious security threat to the organization.
Recommendation
It is recommended to upgrade to version 11.6.0, where the issue has been fixed.
Original NVD description (English source)
Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0

