CVE-2026-7411 | Eclipse BaSyx up to 2.0.0-milestone-9 Submodel HTTP API fileName path traversal (Issue 102)

May 5, 2026 Yanac

A vulnerability marked as critical has been reported in Eclipse BaSyx up to 2.0.0-milestone-9. This issue affects some unknown processing of the component Submodel HTTP API. The manipulation of the argument fileName leads to path traversal.

This vulnerability is documented as CVE-2026-7411. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More