Vulnerability in Phpipam
CVE-2026-12194
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations.
Affected products
- Phpipam — versions 0
Weakness classification (CWE)
References
- ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a (mitigation)
- ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a (exploit)