Loading market data...
← Back to CVE feed

CVE-2026-40547

UNKNOWN View on NVD ↗

Description

SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files previously added through the backup functionality. Critically, due to CVE-2026-40543 (Missing Authorization), any backup file can be read by any (unauthorized) user. This issue affects SOPlanning version 1.55 and below.

Published: Jun 01, 2026 09:16 UTC Modified: Jun 01, 2026 16:37 UTC