Threats Tagged 'cve-2026-28276'
View all threats tagged with 'cve-2026-28276'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-28276'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-28276: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in Morelitea initiativeCVE-2026-28276 0 Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any uploaded file can be accessed directly via its URL by unauthenticated users (e.g., in an incognito browser session), leading to potential disclosure of sensitive documents. The problem was patched in v0.32.2, and the patch was further improved on in 032.4. Join the discussion | CVE Database V5 | 02/26/2026, 22:57:36 UTC Added: 02/26/2026, 23:11:12 UTC |
Showing 1 to 1 of 1 result