๐Ÿ” CVE Alert

CVE-2026-12194

UNKNOWN 0.0

PHPIPAM Authenticated LFI

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations.

CWE CWE-98
Vendor phpipam
Product phpipam
Published Jul 4, 2026
Stay Ahead of the Next One

Get instant alerts for phpipam phpipam

Be the first to know when new unknown vulnerabilities affecting phpipam phpipam are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

phpipam / phpipam
0 < *

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/phpipam/phpipam/pull/4625 projectblack.io: https://projectblack.io/blog/local-ai-for-cyber-security/#the-benchmark-vulnerabilityphpipam-authenticated-lfi