PatchSiren cyber security CVE debrief
CVE-2026-50869 Bludit CVE debrief
CVE-2026-50869 is a directory traversal vulnerability in the api/plugin.php component of Bludit v3.19.0. An attacker can exploit this vulnerability by supplying a crafted request, potentially leading to unauthorized access to sensitive files and data.
- Vendor
- Bludit
- Product
- Bludit
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of Bludit v3.19.0, administrators of websites using Bludit, and security teams responsible for monitoring and patching vulnerabilities.
Technical summary
The vulnerability exists in the api/plugin.php component of Bludit v3.19.0. A crafted request can be used to execute a directory traversal attack, allowing an attacker to access files and data outside of the intended directory.
Defensive priority
High
Recommended defensive actions
- Update Bludit to a version that patches this vulnerability, if available.
- Restrict access to the api/plugin.php component to trusted users and IP addresses.
- Monitor for suspicious activity and implement additional security measures to detect and prevent exploitation.
Evidence notes
The CVE record and NVD detail for CVE-2026-50869 provide information on this vulnerability. [See CVE-2026-50869 CVE record](resourceLinkAnnotations:cve-org) and [NVD detail](resourceLinkAnnotations:nvd).
Official resources
-
CVE-2026-50869 CVE record
CVE.org
-
CVE-2026-50869 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-50869 was published on 2026-06-15T20:16:29.677Z and modified on 2026-06-15T21:05:18.653Z.