What is CVE-2026-29515?

CVE-2026-29515 is a critical-severity vulnerability in Micode Fileexplorer, classified under Incorrect Implementation of Authentication Algorithm. CVSS score: 9.8/10. Published 2026-03-11.

How severe is CVE-2026-29515?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Auth bypass in Micode Fileexplorer

CVE-2026-29515

MiCode FileExplorer contains an authentication bypass vulnerability in the embedded SwiFTP FTP server component that allows network attackers to log in without valid credentials. Attackers can send arbitrary username and password combinati…

EPSS: 0.002 (39.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Micode Fileexplorer — versions 0
Xiaomi Fileexplorer

Weakness classification (CWE)

References

disclosure@vulncheck.com (Product, product)
disclosure@vulncheck.com (VDB Entry, Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2026-29515?: CVE-2026-29515 is a critical-severity vulnerability in Micode Fileexplorer, classified under Incorrect Implementation of Authentication Algorithm. CVSS score: 9.8/10. Published 2026-03-11.
How severe is CVE-2026-29515?: Critical severity. CVSS v3 base score is 9.8 out of 10.