Github.com/filebrowser/filebrowser/v2

This hub aggregates every CVE we track for Github.com/filebrowser/filebrowser/v2, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Github.com/filebrowser/filebrowser/v2.

• CVE-2026-32760File Browser Self Registration Grants Any User Admin Access When Default Permissions Include Admin9.8Mar 19, 2026
• CVE-2026-32759File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely8.1Mar 19, 2026
• CVE-2026-32758File Browser has an Access Rule Bypass via Path Traversal in Copy/Rename Destination Parameter6.5Mar 19, 2026
• CVE-2026-29188File Browser: TUS Delete Endpoint Bypasses Delete Permission Check9.1Mar 5, 2026
• CVE-2026-25890File Browser has a Path-Based Access Control Bypass via Multiple Leading Slashes in URL8.1Feb 9, 2026
• CVE-2026-25889File Browser has an Authentication Bypass in User Password Update5.4Feb 9, 2026
• CVE-2026-23849File Browser vulnerable to Username Enumeration via Timing Attack in /api/login5.3Jan 19, 2026
• CVE-2025-64523FileBrowser has Insecure Direct Object Reference (IDOR) in Share Deletion Function8.8Nov 12, 2025
• CVE-2025-53826FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout9.8Jul 15, 2025
• CVE-2025-53893File Browser Vulnerable to Uncontrolled Memory Consumption Due to Oversized File Processing6.5Jul 15, 2025
• CVE-2025-52997File Browser Insecurely Handles Passwords5.9Jun 30, 2025
• CVE-2025-52996File Browser's Password Protection of Links Vulnerable to Bypass3.1Jun 30, 2025
• CVE-2025-52995File Browser vulnerable to command execution allowlist bypass8.0Jun 30, 2025
• CVE-2025-52901File Browser allows sensitive data to be transferred in URL4.5Jun 30, 2025
• CVE-2025-52904File Browser: Command Execution not Limited to Scope8.0Jun 26, 2025