CVE-2026-7059

CVSS v3.1

5.3

Medium

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

A vulnerability was found in 666ghj MiroFish up to 0.1.2. This affects the function get simulation posts of the file backend/app/api/simulation.py of the component Query Parameter Handler. Performing a manipulation of the argument Platform results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used.

Exploit

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2026-7059

Affected Products

Mirofish

CVE-2026-7059

Weakness Enumeration

Related Identifiers

Affected Products

References · 5