What is CVE-2026-8736?

CVE-2026-8736 is a medium-severity vulnerability in Oinone Pamirs, classified under Path Traversal. CVSS score: 4.1/10. Published 2026-05-17.

How severe is CVE-2026-8736?

Medium severity. CVSS v3 base score is 4.1 out of 10.

Path Traversal in Oinone Pamirs

CVE-2026-8736

A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of the component RestController. Performing a manipulation of the argument uniq…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.000 (0.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.1 (Medium). Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.

Affected products

Oinone Pamirs — versions 7.0, 7.1, 7.2.0

Weakness classification (CWE)

CWE-22 — Path Traversal

References

cna@vuldb.com (issue-tracking, exploit)
cna@vuldb.com (third-party-advisory)
cna@vuldb.com (technical-description, vdb-entry)
cna@vuldb.com (signature, permissions-required)

Frequently asked questions

What is CVE-2026-8736?: CVE-2026-8736 is a medium-severity vulnerability in Oinone Pamirs, classified under Path Traversal. CVSS score: 4.1/10. Published 2026-05-17.
How severe is CVE-2026-8736?: Medium severity. CVSS v3 base score is 4.1 out of 10.