CVE-2026-40163 - Vulnerability Analysis
Severity: High
CVSS: 8.2
Last Updated: April 10, 2026
Saltcorn - Unrestricted File Upload & Information Disclosure
Published: April 10, 2026
Updated: April 10, 2026
Remotely exploitable
Overview
Saltcorn versions before 1.4.5, before 1.5.5, and before 1.6.0-beta.4 contain an unrestricted file upload and directory traversal flaw: the /sync/offline_changes and /sync/upload_finished endpoints are reachable without authentication and do not confine the paths they operate on, so an attacker can create directories, write files, and read arbitrary JSON files on the server filesystem. No authentication is required to exploit the issue.
Severity & Score
Severity: High
CVSS Score: 8.2
Impact
Unauthenticated attackers can create directories, write arbitrary files, and read JSON files on the server. The integrity impact is high (arbitrary file write with the privileges of the Saltcorn process); the confidentiality impact is limited to the JSON files that can be read, which the CVSS vector rates as Low. Whether an arbitrary file write can be escalated further depends on the deployment and is not established by this advisory.
Mitigation
Upgrade to 1.4.5, 1.5.5, or 1.6.0-beta.4 (or later) on the release line you run. Until the upgrade is applied, restricting access to /sync/offline_changes and /sync/upload_finished at a reverse proxy to trusted networks or clients reduces exposure, but it is a stopgap and not a replacement for the fixed versions.
Details
- CVE ID: CVE-2026-40163
- Severity: High
- CVSS Score: 8.2
- Type: unrestricted_file_upload
- Status: new
CWE
- CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, "Path Traversal")
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
- Attack Vector: Network; Attack Complexity: Low; Privileges Required: None; User Interaction: None
- Scope: Unchanged; Confidentiality: Low; Integrity: High; Availability: None