Sign in Get started

← All advisories

High severity7.2NVD Advisory· Published Apr 1, 2026· Updated Apr 9, 2026

CVE-2026-23898

CVE-2026-23898

Description

Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.

Affected products

1

Joomla/Joomla!
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Range: >=3.0.0,<5.4.4

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

developer.joomla.org/security-centre/1031-20260305-core-arbitrary-file-deletion-in-com-joomlaupdate.htmlnvdVendor Advisory

News mentions

0

No linked articles in our index yet.