CVE-2026-29205
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/05/2026
Last modified:
14/05/2026
Description
Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints.
Impact
Base Score 3.x
8.60
Severity 3.x
HIGH



