CVE-2026-39899

Vulnerability Description

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in package_import.php. This issue has been fixed in version 1.2.31.

Vulnerability Details

Published Date

June 24, 2026

Last Modified

June 24, 2026

CWE ID

CWE-22

Source

NVD

Vendor

Cacti

Product

cacti

External References

https://github.com/Cacti/cacti/pull/6899
https://github.com/Cacti/cacti/security/advisories/GHSA-pr9x-34w8-4mf7

CVE-2026-39899

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment