CVE-2026-49970 | plank laravel-mediable up to 6.x File Upload File::sanitizePath directory path traversal
A vulnerability has been found in plank laravel-mediable up to 6.x and classified as critical. The impacted element is the function File::sanitizePath of the component File Upload Handler. The manipulation of the argument directory leads to path traversal.
This vulnerability is listed as CVE-2026-49970. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More