CVE 9.8 CRITICAL

Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution_CVE-2026-6057

April 12, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.

AI Analysis

Unauthenticated path traversal vulnerability allowing remote code execution

Basic Information

ID CVE-2026-6057

Source securin

Published Apr 10, 2026 at 09:16

Modified Apr 10, 2026 at 20:25

Affected Product

Vendor FalkorDB

Product FalkorDB Browser

Version 1.9.3

Affected Versions FalkorDB FalkorDB Browser 1.9.3

CWE Classification

CWE-22

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor FalkorDB

Product FalkorDB Browser

Version 1.9.3

References

{
    "lastseen": "",
    "description": "FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.",
    "published": "2026-04-10T09:16:30.338Z",
    "modified": "2026-04-10T20:25:53.551Z",
    "type": "cve",
    "title": "Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution",
    "source": "securin",
    "references": "https://github.com/FalkorDB/falkordb-browser\nhttps://github.com/FalkorDB/falkordb-browser/pull/1611",
    "id": "CVE-2026-6057",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "FalkorDB FalkorDB Browser 1.9.3",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FalkorDB Browser",
    "version": "1.9.3",
    "vendor": "FalkorDB",
    "ai_description": "Unauthenticated path traversal vulnerability allowing remote code execution",
    "ai_severity": "Critical",
    "ai_vendor": "FalkorDB",
    "ai_product": "FalkorDB Browser",
    "ai_version": "1.9.3",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply