Threats Tagged 'cve-2026-7085'
View all threats tagged with 'cve-2026-7085'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-7085'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-7085: Path Traversal in HBAI-Ltd Toonflow-appCVE-2026-7085 0 CVE-2026-7085 is a path traversal vulnerability in the Toonflow-app by HBAI-Ltd affecting versions up to 1.1.1. The issue exists in the downloadApp endpoint, specifically in the z.url function of src/routes/setting/about/downloadApp.ts, where manipulation of the url argument can lead to path traversal. The vulnerability can be triggered remotely but requires high attack complexity and is considered difficult to exploit. The vendor states that the update URL is statically compiled in the official code, limiting the risk unless users modify the code. The exploit has been publicly disclosed, but the actual existence of the vulnerability is questioned by the vendor. The CVSS 4. Join the discussion | CVE Database V5 | 04/27/2026, 04:00:14 UTC Added: 04/27/2026, 04:15:06 UTC |
Showing 1 to 1 of 1 result