EUVD-2026-28348

ID: EUVD-2026-28348

Severity: high

CVSS v4: 8.2 (CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N)

CVSS v3: Not provided

CWE: None listed

Source: ENISA

Description

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal.

Timestamps

Normalized: 2026-05-07T12:05:59Z UTC
Last updated: 2026-05-07T12:05:59Z UTC

References

No references provided.

VulnAI

EUVD-2026-28348

Description

Timestamps

References