CRITICAL
Remote Spark (https://www.remotespark.com/)
CVE published 2026-05-29
CVE-2026-8326
A critical path traversal vulnerability in Remote Spark SparkView's RDP drive redirection component enables arbitrary file read/write as root, leading to remote code execution. The vulnerability may be exploitable by unauthenticated attackers depending on implementation. Affected versions are builds prior to 1127. The CVSS 4.0 vector indicates network attack vector with no required privileges or user inte [truncated]