VYPR
Critical severityNVD Advisory· Published May 27, 2026· Updated May 27, 2026

CVE-2026-49103

CVE-2026-49103

Description

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Webmin/Webminreferences2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <2.640

Patches

Vulnerability mechanics

References

2

News mentions

2
CVE-2026-49103 · Critical · VYPR