CVE-2026-41193

Name of the Vulnerable Software and Affected Versions FreeScout versions prior to 1.8.215

Description The module installation feature extracts ZIP archives without validating file paths. This allows an authenticated administrator to write files arbitrarily on the server filesystem by using a specially crafted ZIP archive, a technique known as Zip Slip (a form of directory traversal where files are extracted outside the intended destination folder).

Recommendations Update to version 1.8.215.