CVE-2026-55439 | halo-dev halo up to 2.24.2 Backup Download Endpoint /apis/console.api MigrationServiceImpl.download path traversal (ID 10064)

A vulnerability classified as critical was found in halo-dev halo up to 2.24.2. This impacts the function MigrationServiceImpl.download of the file /apis/console.api of the component Backup Download Endpoint. Executing a manipulation can lead to path traversal.

The identification of this vulnerability is CVE-2026-55439. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More