PT-2026-51524 · Rasta Mouse · Pwnlift

Greg Durys

Published

2026-06-23

Updated

2026-06-23

CVE-2026-56815

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

pwnlift before d7a9544, in a privileged deployment, contains a symlink following vulnerability in the upload handler in Components/Pages/Home.razor.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2026-56815

Pwnlift