PT-2026-35352 · Hbai · Toonflow-App

Yu-Bao · Published 2026-04-27 · Updated 2026-04-27 · CVE-2026-7086

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

HBAI-Ltd Toonflow-app versions prior to 1.1.2

Description

A path traversal issue exists in the Storyboard Export component within the updateStoryboardUrl() function of the replaceUrl.ts file. Remote attackers can exploit this by manipulating the url argument. The vendor states that the interface URL is intended to be a local address or a trusted domain configured in Docker, and malicious links should not be present unless the code is modified.

Recommendations

Update to a version later than 1.1.1. As a temporary workaround, restrict access to the updateStoryboardUrl() function to prevent unauthorized manipulation of the url argument.

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2026-7086

Affected Products

Toonflow-App