CVE-2026-39552

Name of the Vulnerable Software and Affected Versions Code Supply Co. Blueprint versions prior to 1.1.5

Description An improper control of filename for include/require statement in PHP program allows for Local File Inclusion. This occurs when the application fails to properly validate the file path used in PHP include or require functions, potentially allowing an attacker to include files from the local file system.

Recommendations Update to version 1.1.5.