PT-2026-41568 · Adenhq · Hive
Eric-B
·
Published
2026-05-17
·
Updated
2026-05-19
·
CVE-2026-8757
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
adenhq hive versions prior to 0.11.0
Description
A path traversal issue exists in the Delete Request Handler component. A remote attacker can perform a manipulation affecting the
read events tail() function within the core/framework/server/routes sessions.py file, allowing unauthorized access to the file system.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
As a temporary workaround, restrict access to the
read events tail() function to minimize the risk of exploitation.Exploit
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hive