CVE-2026-5638
HerikLyma CPPWebFramework path traversal
CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was detected in HerikLyma CPPWebFramework up to 3.1. This issue affects some unknown processing. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
| CWE | CWE-22 |
| Vendor | heriklyma |
| Product | cppwebframework |
| Published | Apr 6, 2026 |
| Last Updated | Apr 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for heriklyma cppwebframework
Be the first to know when new medium vulnerabilities affecting heriklyma cppwebframework are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
HerikLyma / CPPWebFramework
3.0 3.1
References
vuldb.com: https://vuldb.com/vuln/355426 vuldb.com: https://vuldb.com/vuln/355426/cti vuldb.com: https://vuldb.com/submit/785952 github.com: https://github.com/HerikLyma/CPPWebFramework/issues/40 github.com: https://github.com/HerikLyma/CPPWebFramework/issues/40#issue-4118436068 github.com: https://github.com/HerikLyma/CPPWebFramework/
Credits
Matan Sandori ๐ MatanS (VulDB User) MatanS (VulDB User) VulDB CNA Team