CVE-2026-2328

High

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via…

CERTVDE·CWE-790·Published 2026-03-30

CVSS

7.5

EPSS

0.00

KEV

Exploits

cve.orgen

201 chars

An unauthenticated remote attacker can exploit insufficient input validation to access backend components beyond their intended scope via path traversal, resulting in exposure of sensitive information.

NVDen

201 chars

NVDes

238 chars

Un atacante remoto no autenticado puede explotar una validación de entrada insuficiente para acceder a componentes de backend más allá de su alcance previsto mediante salto de ruta, lo que resulta en la exposición de información sensible.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N