What is CVE-2026-2493?

CVE-2026-2493 is a high-severity vulnerability in Icewarp, classified under Path Traversal. CVSS score: 7.5/10. Published 2026-03-13.

How severe is CVE-2026-2493?

High severity. CVSS v3 base score is 7.5 out of 10.

Path Traversal in Icewarp

CVE-2026-2493

IceWarp collaboration Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of IceWarp. Authentication is not required to exploit th…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.506 (97.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Icewarp — versions 14.2.0.10

Weakness classification (CWE)

CWE-22 — Path Traversal

References

ZDI-26-130 (x_research-advisory)

Frequently asked questions

What is CVE-2026-2493?: CVE-2026-2493 is a high-severity vulnerability in Icewarp, classified under Path Traversal. CVSS score: 7.5/10. Published 2026-03-13.
How severe is CVE-2026-2493?: High severity. CVSS v3 base score is 7.5 out of 10.