CVE-2026-40893

Exploit

EPSS 0.35%
Veröffentlicht 14.05.2026 15:18:27
Zuletzt bearbeitet 18.05.2026 13:02:17
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Gotenberg: ExifTool Dangerous Tag Blocklist Bypass via Group-Prefixed Tag Names Allows Arbitrary File Rename and Move

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName slips right through and ExifTool happily renames the file. This allows remote attackers to move, rename, and change permissions for arbitrary files. This vulnerability is fixed in 8.31.0.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Thecodingmachine ≫ Gotenberg Version < 8.31.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.35%	0.263

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

CWE-184 Incomplete List of Disallowed Inputs

The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.

CWE-73 External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

https://github.com/gotenberg/gotenberg/security/advisories/GHSA-62p3-hvxx-fxg4

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2026-40893

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-40893

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-40893

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-40893