CVE-2026-29205

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/05/2026
Last modified:
14/05/2026

Description

Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints.