Dumbwareio Dumbassets
2 CVEs affecting Dumbwareio Dumbassets. Latest disclosed: 2026-05-18. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45230 | Critical | 9.1 | 2026-05-18 | DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /api/delete-file endpoint and filesToDelete array parameters that allows unauthen… |
CVE-2026-45231 | Medium | 6.1 | 2026-05-18 | DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags… |