CVE-2026-39538

EUVD-2026-20193

2026-04-08 Patchstack

GHSA-c523-5gm5-4mr8

Lifecycle Timeline

EUVD ID Assigned

Apr 08, 2026 - 08:45 euvd

EUVD-2026-20193

CVE Published

Apr 08, 2026 - 08:30 nvd

N/A

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Mikado Core mikado-core allows PHP Local File Inclusion.This issue affects Mikado Core: from n/a through <= 1.6.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +0

POC: 0

CVE-2026-39538 vulnerability details – vuln.today

Back

CVE-2026-39538

Lifecycle Timeline

Tags

Description

Analysis

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-39538

Lifecycle Timeline

Tags

Description

Analysis

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code