Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.3
Collabora KodExplorer File Upload Authorization Bypass
CVE-2026-6572
Summary
Collabora KodExplorer's file upload feature has a security flaw that allows unauthorized access. This means that someone could upload files without permission, potentially leading to data breaches or other security issues. Update to the latest version of Collabora KodExplorer to fix this issue.
Original title
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fil...
Original description
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
5.1
nvd CVSS3.1
5.6
nvd CVSS4.0
6.3
Vulnerability type
CWE-266
Incorrect Privilege Assignment
CWE-285
Improper Authorization
Published: 19 Apr 2026 · Updated: 19 Apr 2026 · First seen: 19 Apr 2026