CVE Catalog

CVE-2026-8464

HighCVSS 8.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.03%

7th percentile - higher than 7% of all known CVEs

Summary

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. An attacker in the same local network can read arbitrary files from the server's operating system by manipulating HTTP request paths.

Risk Assessment

This vulnerability may lead to the disclosure of sensitive data from the server, posing a serious security threat to the organization.

Recommendation

It is recommended to upgrade to version 11.6.0, where the issue has been fixed.

Original NVD description (English source)

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0

Vulnerability data from NVD (NIST) · CISA KEV · EPSS