CVE-2026-10075
5.3 MEDIUMDreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under ...
Published: 2026-05-29 · Last updated: 2026-05-29
Severity and scoring
- CVSS
- 5.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- CWE
- CWE-36
Description
DreamMaker developed by Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote attackers to read file names under arbitrary path by exploiting an Absolute Path Traversal vulnerability.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-53698 — Silverpeas through 6.4.6 mishandles the "Personal space" feature that is selected when no componentId is set (6.5 MEDIUM)
- CVE-2026-10044 — Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on... (7.5 HIGH)
- CVE-2026-32997 — A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & ...
- CVE-2026-2753 — An Absolute Path Traversal vulnerability exists in Navtor NavBox (7.5 HIGH)