CVE-2026-42608 | grav up to 1.74.2 FormFlash path traversal

A vulnerability labeled as critical has been found in grav. Affected is an unknown function of the component FormFlash. Executing a manipulation can lead to path traversal.

The identification of this vulnerability is CVE-2026-42608. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More