HerikLyma CPPWebFramework path traversal_CVE-2026-5638

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in HerikLyma CPPWebFramework up to 3.1. This issue affects some unknown processing. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2026-5638

Source VulDB

Published Apr 6, 2026 at 08:30

Modified Apr 6, 2026 at 12:11

Affected Product

Vendor HerikLyma

Product CPPWebFramework

Version 3.0

Affected Versions HerikLyma CPPWebFramework 3.0
HerikLyma CPPWebFramework 3.1

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in HerikLyma CPPWebFramework up to 3.1. This issue affects some unknown processing. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-04-06T08:30:12.177Z",
    "modified": "2026-04-06T12:11:46.370Z",
    "type": "cve",
    "title": "HerikLyma CPPWebFramework path traversal",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/355426\nhttps://vuldb.com/vuln/355426/cti\nhttps://vuldb.com/submit/785952\nhttps://github.com/HerikLyma/CPPWebFramework/issues/40\nhttps://github.com/HerikLyma/CPPWebFramework/issues/40#issue-4118436068\nhttps://github.com/HerikLyma/CPPWebFramework/",
    "id": "CVE-2026-5638",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "HerikLyma CPPWebFramework 3.0\nHerikLyma CPPWebFramework 3.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "CPPWebFramework",
    "version": "3.0",
    "vendor": "HerikLyma",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}