Vulnerability Description
Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain remote code execution on the server.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://airleader.us/contact/
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-04
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-10
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-044.t
FAQ
What is CVE-2026-1358?
CVE-2026-1358 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Airleader Master versions 6.381 and prior allow for file uploads without restriction to multiple webpages running maximum privileges. This could allow an unauthenticated user to potentially obtain r...
How severe is CVE-2026-1358?
CVE-2026-1358 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-1358?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.