CVE-2026-6057
Path Traversal in FalkorDB Browser 1.9.3 Enables RCE
Publication date: 2026-04-10
Last updated on: 2026-04-10
Assigner: securin
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| falkordb | falkordb_browser | 1.9.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-6057 is a vulnerability in FalkorDB Browser version 1.9.3 that allows unauthenticated remote attackers to exploit a path traversal flaw in the file upload API.
This flaw enables attackers to write arbitrary files to the server by bypassing normal file path restrictions, which can lead to remote code execution.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized remote code execution on the affected server.
An attacker could upload malicious files outside the intended directories, potentially gaining control over the system or disrupting service.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves an unauthenticated path traversal in the file upload API of FalkorDB Browser 1.9.3 that allows remote attackers to write arbitrary files and achieve remote code execution.
Detection can focus on monitoring or testing the file upload endpoint for unauthorized access or attempts to upload files with path traversal patterns (e.g., filenames containing '../').
Suggested commands or methods include:
- Using curl or similar tools to attempt uploading files with path traversal sequences to the upload API endpoint and observing if the upload succeeds without authentication.
- Monitoring web server logs for suspicious file upload requests containing directory traversal patterns.
- Checking for unexpected files in directories outside the intended upload folder.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
- Apply the security update that enforces session-based authentication on the file upload endpoint to prevent unauthenticated access.
- Ensure that the file upload API sanitizes filenames to prevent path traversal by using functions like path.basename() and validating that files are stored only within designated directories.
- Improve error handling to avoid leaking internal error details and ensure proper HTTP status codes are returned.
- Verify that CORS headers are consistently included in all responses to prevent cross-origin issues.
- If an immediate patch is not available, consider disabling the file upload functionality or restricting access to authenticated users only.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
CVE-2026-6057 allows unauthenticated remote attackers to write arbitrary files and achieve remote code execution via a path traversal vulnerability in FalkorDB Browser's file upload API. Such a vulnerability can lead to unauthorized access, data breaches, and potential manipulation or exposure of sensitive data.
These security risks can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over data confidentiality, integrity, and access. Specifically, unauthorized remote code execution and arbitrary file writes could lead to violations of data protection requirements, unauthorized disclosure of personal or health information, and failure to maintain secure systems.
The fix for this vulnerability includes session validation, path traversal protection, improved error handling, and consistent CORS header handling, which help mitigate these risks and support compliance efforts by enforcing authentication and preventing unauthorized file operations.