Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.9
KodExplorer File Sharing Feature Allows Unauthorized Access
CVE-2026-6569
Summary
An outdated version of KodExplorer (up to 4.52) makes it possible for attackers to access files without authentication. This is a serious issue because it could allow unauthorized access to sensitive data. To fix this, update KodExplorer to the latest version.
Original title
A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation...
Original description
A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation of the argument fileUrl leads to improper authentication. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
7.5
nvd CVSS3.1
7.3
nvd CVSS4.0
6.9
Vulnerability type
CWE-287
Improper Authentication
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026