CVE-2026-27734 | henrygd beszel up to 0.18.3 API Endpoint logs PathEscape path traversal (GHSA-phwh-4f42-gwf3)

A vulnerability identified as critical has been detected in henrygd beszel up to 0.18.3. Affected by this issue is the function PathEscape of the file /api/beszel/containers/logs of the component API Endpoint. This manipulation causes path traversal.

This vulnerability is tracked as CVE-2026-27734. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More