CRITICAL
gtsteffaniak
CVE published 2026-06-16
CVE-2026-48777
CVE-2026-48777 is a critical vulnerability in FileBrowser Quantum, a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go. This vulnerability allows an attacker to move, copy, or rename arbitrary files within the share owner's source root by exploiting a public share l [truncated]