Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
10.0
CVE-2026-8326: Remote Spark SparkView Allows Arbitrary File Access as Root
CVE-2026-8326
Summary
Remote Spark's SparkView feature allows unauthorized access to files on the server, potentially leading to a complete takeover of the system. This is a serious issue because it could allow an attacker to gain full control of the server without needing a password. Remote Spark users should update to the latest version of SparkView (build 1127 or later) to fix this problem.
Original title
Path traversal vulnerability in Remote Spark (https://www.Remotespark.Com/) SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected componen...
Original description
Path traversal vulnerability in Remote Spark (https://www.Remotespark.Com/) SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection. Depending on implementation, the vulnerability can be exploited by an unauthenticated attacker.
This issue affects SparkView: before build 1127.
This issue affects SparkView: before build 1127.
nvd CVSS4.0
10.0
Vulnerability type
CWE-23
Published: 29 May 2026 · Updated: 31 May 2026 · First seen: 29 May 2026