Link following in FileBrowser - CVE-2026-55667
Published: June 29, 2026
FileBrowser
Detailed vulnerability description
The vulnerability allows a remote user to delete arbitrary files outside the intended scope and cause a denial of service.
The vulnerability exists due to improper link resolution before file access in the upload failure-cleanup path when handling a crafted upload request to a path containing a symlinked ancestor. A remote user can send a specially crafted upload request to delete out-of-scope files and directories.
Exploitation requires a pre-existing escaping directory symlink inside the user's scope. If the target is a directory, deletion is recursive.
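One way to guard a failure-cleanup deletion against the symlinked-ancestor case described above, shown as an added Go example that is not FileBrowser's code or its fix. The names resolveInScope, cleanupFailedUpload and ErrOutsideScope and the temporary directory layout are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

var ErrOutsideScope = errors.New("path resolves outside scope")

// resolveInScope (hypothetical helper) resolves symlinks in every ancestor of rel
// and rejects the path if its real parent is not under scopeRoot. The leaf is not followed.
func resolveInScope(scopeRoot, rel string) (string, error) {
	root, err := filepath.EvalSymlinks(scopeRoot)
	if err != nil {
		return "", err
	}
	joined := filepath.Join(root, filepath.Clean("/"+rel)) // neutralises lexical ".."
	parent, err := filepath.EvalSymlinks(filepath.Dir(joined))
	if err != nil {
		return "", err
	}
	r, err := filepath.Rel(root, parent)
	if err != nil || r == ".." || strings.HasPrefix(r, ".."+string(os.PathSeparator)) {
		return "", ErrOutsideScope
	}
	return filepath.Join(parent, filepath.Base(joined)), nil
}

// cleanupFailedUpload (hypothetical) deletes a failed upload's target only after the scope check.
func cleanupFailedUpload(scopeRoot, rel string) error {
	p, err := resolveInScope(scopeRoot, rel)
	if err != nil {
		return err
	}
	return os.RemoveAll(p) // a symlink leaf is unlinked, not traversed
}

func main() {
	// Constructed layout: tmp/scope/link -> tmp/outside (an escaping directory symlink).
	tmp, _ := os.MkdirTemp("", "scope-demo")
	defer os.RemoveAll(tmp)
	scope, outside := filepath.Join(tmp, "scope"), filepath.Join(tmp, "outside")
	os.MkdirAll(scope, 0o755)
	os.MkdirAll(outside, 0o755)
	os.Symlink(outside, filepath.Join(scope, "link"))
	fmt.Println(cleanupFailedUpload(scope, "link/victim")) // path resolves outside scope
}
```

The check and the delete are separate steps, so a tree that changes between them can still race this guard; Go's os.Root (1.24 and later) confines file operations to a directory handle instead.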