VYPR

IOPaint

by Sanster

CVEs (1)

  • CVE-2026-5258HigApr 1, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/file_manager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be…