๐Ÿ” CVE Alert

CVE-2026-61343

HIGH 7.2

LibreBooking path traversal

CVSS Score
7.2
EPSS Score
0.0%
EPSS Percentile
0th

LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0.

CWE CWE-23
Vendor librebooking
Product librebooking
Published Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for librebooking librebooking

Be the first to know when new high vulnerabilities affecting librebooking librebooking are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

LibreBooking / LibreBooking
0 < 5.1.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/LibreBooking/librebooking/pull/1456 github.com: https://github.com/LibreBooking/librebooking/releases/tag/v5.1.0 github.com: https://github.com/LibreBooking/librebooking/commit/cb9b7ad9da0243bd105809f6a4a8a6b9147c71ea raw.githubusercontent.com: https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-190-01.json cve.org: https://www.cve.org/CVERecord?id=CVE-2026-61343

Credits

Noah Magill