CVE-2026-29515

Name of the Vulnerable Software and Affected Versions MiCode FileExplorer (affected versions not specified)

Description The software contains an authentication bypass in the embedded SwiFTP FTP server component. This allows network attackers to log in without valid credentials by sending arbitrary username and password combinations to the PASS command handler, which unconditionally grants access. Successful exploitation allows attackers to list, read, write, and delete files exposed by the FTP server. The MiCode/Explorer open source project has reached end-of-life status.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.