Critical severityNVD Advisory· Published May 27, 2026· Updated May 27, 2026
CVE-2026-49103
CVE-2026-49103
Description
Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
2- ⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and MoreThe Hacker News · Jul 6, 2026
- Critical Webmin Vulnerabilities Allow Attackers to Impersonate as Any UserCyber Security News · Jun 24, 2026