Airleader Master versions 6.381 and prior allow for file uploads without
restriction to multiple webpages running maximum privileges. This could
allow an unauthenticated user to potentially obtain remote code
execution on the server.
| Źródło | Link | Uwagi |
|---|---|---|
| NVD (NIST) | https://nvd.nist.gov/vuln/detail/CVE-2026-1358 | Karta CVE w NVD |
| CISA KEV | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1358 | Wyszukiwanie CVE w KEV |
| FIRST EPSS | https://api.first.org/data/v1/epss?cve=CVE-2026-1358 | API EPSS dla CVE |
| ics-cert@hq.dhs.gov | https://airleader.us/contact/ | NVD Reference |
| ics-cert@hq.dhs.gov | https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-043-10.json | NVD Reference |
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-10 | NVD Reference |
| ics-cert@hq.dhs.gov | https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-044.txt | NVD Reference |