{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6572", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-18T19:07:07.145Z", "datePublished": "2026-04-19T12:15:14.167Z", "dateUpdated": "2026-04-19T12:15:14.167Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-19T12:15:14.167Z"}, "title": "Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "Improper Authorization"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-266", "lang": "en", "description": "Incorrect Privilege Assignment"}]}], "affected": [{"vendor": "Collabora", "product": "KodExplorer", "versions": [{"version": "4.0", "status": "affected"}, {"version": "4.1", "status": "affected"}, {"version": "4.2", "status": "affected"}, {"version": "4.3", "status": "affected"}, {"version": "4.4", "status": "affected"}, {"version": "4.5", "status": "affected"}, {"version": "4.6", "status": "affected"}, {"version": "4.7", "status": "affected"}, {"version": "4.8", "status": "affected"}, {"version": "4.9", "status": "affected"}, {"version": "4.10", "status": "affected"}, {"version": "4.11", "status": "affected"}, {"version": "4.12", "status": "affected"}, {"version": "4.13", "status": "affected"}, {"version": "4.14", "status": "affected"}, {"version": "4.15", "status": "affected"}, {"version": "4.16", "status": "affected"}, {"version": "4.17", "status": "affected"}, {"version": "4.18", "status": "affected"}, {"version": "4.19", "status": "affected"}, {"version": "4.20", "status": "affected"}, {"version": "4.21", "status": "affected"}, {"version": "4.22", "status": "affected"}, {"version": "4.23", "status": "affected"}, {"version": "4.24", "status": "affected"}, {"version": "4.25", "status": "affected"}, {"version": "4.26", "status": "affected"}, {"version": "4.27", "status": "affected"}, {"version": "4.28", "status": "affected"}, {"version": "4.29", "status": "affected"}, {"version": "4.30", "status": "affected"}, {"version": "4.31", "status": "affected"}, {"version": "4.32", "status": "affected"}, {"version": "4.33", "status": "affected"}, {"version": "4.34", "status": "affected"}, {"version": "4.35", "status": "affected"}, {"version": "4.36", "status": "affected"}, {"version": "4.37", "status": "affected"}, {"version": "4.38", "status": "affected"}, {"version": "4.39", "status": "affected"}, {"version": "4.40", "status": "affected"}, {"version": "4.41", "status": "affected"}, {"version": "4.42", "status": "affected"}, {"version": "4.43", "status": "affected"}, {"version": "4.44", "status": "affected"}, {"version": "4.45", "status": "affected"}, {"version": "4.46", "status": "affected"}, {"version": "4.47", "status": "affected"}, {"version": "4.48", "status": "affected"}, {"version": "4.49", "status": "affected"}, {"version": "4.50", "status": "affected"}, {"version": "4.51", "status": "affected"}, {"version": "4.52", "status": "affected"}], "modules": ["fileUpload Endpoint"]}], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.6, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.6, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.1, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-18T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-18T21:12:43.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "vulnplusbot (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/358206", "name": "VDB-358206 | Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358206/cti", "name": "VDB-358206 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/789988", "name": "Submit #789988 | KodExplorer 4.52 Business Logic Bypass", "tags": ["third-party-advisory"]}, {"url": "https://vulnplus-note.wetolink.com/share/PLCI4v0BWaF8", "tags": ["broken-link", "exploit"]}]}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6572", "lastModified": "2026-04-19T13:16:45.650", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-19T13:16:45.650", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/789988"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358206"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358206/cti"}, {"source": "cna@vuldb.com", "url": "https://vulnplus-note.wetolink.com/share/PLCI4v0BWaF8"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-266"}, {"lang": "en", "value": "CWE-285"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-19T13:20:54.223696+00:00", "value": {"mitigation_remediation": ["Apply the latest vendor patch or upgrade to a version newer than 4.52 that contains the fix for the improper authorization issue in the fileUpload Endpoint.", "If an immediate update is not feasible, restrict access to the fileUpload Endpoint at the web\u2011server or firewall level so that only trusted IP ranges or authenticated sessions can reach it.", "Conduct an access\u2011control review for the share.class.php controller, ensuring that proper role checks are enforced, and monitor logs for any anomalous fileUpload requests."], "summary": {"action": "Assess Impact", "impact": "Unauthorized Access via Improper Authorization"}, "threat_synthesis": {"affected_systems": "Collabora\u202fKodExplorer versions up to 4.52 are potentially affected. All deployments of KodExplorer relying on the share.class.php based fileUpload Endpoint in these versions are at risk until the flaw is remediated.", "description_and_impact": "A security flaw in Collabora\u202fKodExplorer, discovered in the file /app/controller/share.class.php on the fileUpload Endpoint, allows an attacker to manipulate the fileUpload argument and bypass authorization checks. This improper authorization can lead to remote exploitation, enabling an attacker to gain unauthorized access to functionality or data that should otherwise be protected. The vulnerability is classified as having a high attack complexity and is noted to be difficult to exploit, but the fact that remote exploitation is possible raises significant concern.", "risk_and_exploitability": "The CVSS score of 6.3 indicates moderate severity, and the EPSS score is currently unavailable, which does not provide a clear picture of exploitation likelihood. The vulnerability is not listed in the CISA KEV catalog. Remote attackers could exploit the flaw by sending crafted requests to the fileUpload Endpoint, although the high attack complexity and difficulty suggest that it would not be trivially abused. Nevertheless, the potential for unauthorized access warrants prompt attention."}}}}, "created": "2026-04-19T13:30:27.325050+00:00", "updated": "2026-04-19T13:30:27.325073+00:00", "vendors": []}