{"cve":{"cve_id":"CVE-2026-5482","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00445,"epss_percentile":0.35362,"epss_as_of":"2026-06-23","description":"Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. \n\nThis project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14.0","published_at":"2026-06-15T11:44:46.963000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":9.3,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L","cvss_v4_severity":"CRITICAL","ssvc_decision":null,"ssvc_exploitation":null,"ssvc_automatable":null,"ssvc_technical_impact":null,"cwes":["CWE-434"],"nvd_references":["https://cert.pl/en/posts/2026/06/CVE-2026-5482","https://github.com/trippo/ResponsiveFilemanager"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:30:55.040689Z"},"effective_severity":"CRITICAL","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"N","value_label":"None"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"H","value_label":"High"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"L","value_label":"Low"},{"metric":"SA","name":"Availability (Subsequent System)","value":"L","value_label":"Low"}]},"affected":[{"vendor_slug":"tecrail","vendor_name":"Tecrail","product_slug":"responsive-filemanager","product_name":"Responsive FileManager","version_start":"0","version_start_inclusive":true,"version_end":"9.14.0","version_end_inclusive":true,"cpe23_uri":"cve5:tecrail:responsive-filemanager:0:9.14.0"}],"exploit_refs":[],"news":[],"references":[{"url":"https://cert.pl/en/posts/2026/06/CVE-2026-5482","source_type":"MISC","tags":[]},{"url":"https://github.com/trippo/ResponsiveFilemanager","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2026-06-15T11:44:46.963000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:55:48.239489Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:48.239489Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:55:48.239489Z","label":"CVSS score revised","source":"cvelistv5"}]}