CVE 8.7 HIGH

Lyrion Music Server 9.2.0 Path Traversal File Read_CVE-2026-50234

June 5, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory structure.

AI Analysis

Path traversal vulnerability allowing unauthenticated attackers to read arbitrary files

Basic Information

ID CVE-2026-50234

Source VulnCheck

Published Jun 5, 2026 at 13:24

Affected Product

Vendor LMS Community

Product Lyrion Music Server

Version 9.2.0

Affected Versions LMS Community Lyrion Music Server 9.2.0

CWE Classification

CWE-22

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor LMS Community

Product Lyrion Music Server

Version 9.2.0

References

{
    "lastseen": "",
    "description": "Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory structure.",
    "published": "2026-06-05T13:24:28.474Z",
    "modified": "2026-06-05T13:24:28.474Z",
    "type": "cve",
    "title": "Lyrion Music Server 9.2.0 Path Traversal File Read",
    "source": "VulnCheck",
    "references": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5992.php\nhttps://www.vulncheck.com/advisories/lyrion-music-server-path-traversal-file-read",
    "id": "CVE-2026-50234",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "LMS Community Lyrion Music Server 9.2.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Lyrion Music Server",
    "version": "9.2.0",
    "vendor": "LMS Community",
    "ai_description": "Path traversal vulnerability allowing unauthenticated attackers to read arbitrary files",
    "ai_severity": "High",
    "ai_vendor": "LMS Community",
    "ai_product": "Lyrion Music Server",
    "ai_version": "9.2.0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply