CVE-2026-40488 | OpenMage magento-lts up to 20.16.x unrestricted upload (GHSA-3j5q-7q7h-2hhv)

A vulnerability classified as critical has been found in OpenMage magento-lts up to 20.16.x. Affected by this issue is some unknown functionality. This manipulation causes unrestricted upload.

This vulnerability is registered as CVE-2026-40488. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More