Projectblack CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Projectblack CVE published 2026-05-09

CVE-2026-8208

CVE-2026-8208 is a high-severity issue in Gibbon versions before v30.0.01. According to the supplied record, an attacker with Teacher or higher privileges can change the report archive directory and force a user-provided .zip file to be interpreted as PHP, which can lead to remote code execution and compromise of the underlying web server.

HIGH Projectblack CVE published 2026-05-09

CVE-2026-8207

CVE-2026-8207 is an authenticated SQL injection issue in Gibbon versions before v30.0.01. The flaw is triggered through the Tracking/graphing feature and requires Teacher or higher privileges. If exploited, it could allow unintended read and write activity against the underlying database.