CVE-2026-34754 | mantisbt Mantis Bug Tracker up to 2.28.1 Attachment access control (GHSA-h4x5-gvx6-3rwc)

A vulnerability was found in mantisbt Mantis Bug Tracker up to 2.28.1. It has been declared as critical. This affects an unknown part of the component Attachment Handler. Executing a manipulation can lead to improper access controls.

This vulnerability is tracked as CVE-2026-34754. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More