Integer overflow in Filebrowser

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a si…

Vulnerability class: Integer Overflow

EPSS: 0.001 (35.0th percentile) — read the EPSS interpretation.

Affected products

Filebrowser — versions <= 2.61.2

Weakness classification (CWE)

CWE-190 — Integer Overflow or Wraparound

References

https://github.com/filebrowser/filebrowser/security/advisories/GHSA-ffx7-75gc-jg7c (x_refsource_CONFIRM)
https://github.com/filebrowser/filebrowser/issues/5199 (x_refsource_MISC)