CVE-2026-27343

Name of the Vulnerable Software and Affected Versions Airtifact versions through 1.2.91

Description The software contains a flaw related to improper control of filenames used in include/require statements, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local files. The include and require statements in PHP are used to incorporate external files into the current script. When these statements are not properly controlled, an attacker can manipulate the filename to include arbitrary files from the server, potentially exposing sensitive information or executing malicious code.

Recommendations Update Airtifact to a version newer than 1.2.91.