CVE-2026-41887 | flarum framework up to 1.8.15 forum.css uri path traversal

May 8, 2026 Yanac

A vulnerability classified as critical has been found in flarum framework up to 1.8.15. This impacts the function uri of the file forum.css. This manipulation causes path traversal.

This vulnerability is registered as CVE-2026-41887. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-38360 | fohrloop dash-uploader up to 0.1.0/0.7.0a2 httprequesthandler.py aseHttpRequestHandler.get_temp_root path traversal
CVE-2026-41889 | jackc pgx up to 5.9.1 on Go sql injection