CVE-2026-29201
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
08/05/2026
Last modified:
08/05/2026
Description
Insufficient input validation of the feature file name in `feature::LOADFEATUREFILE` adminbin call can cause arbitrary file read when a relative file path is passed.
Impact
Base Score 3.x
4.30
Severity 3.x
MEDIUM