CRITICAL
Airleader GmbH
CVE published 2026-02-12
CVE-2026-1358
CVE-2026-1358 is a critical Airleader Master vulnerability affecting version 6.381 and prior. According to the CISA CSAF advisory, multiple webpages allow unrestricted file uploads while running with maximum privileges, which could let an unauthenticated attacker potentially achieve remote code execution on the server. Airleader’s stated fix is version 6.386 or later.