CVE-2026-39677

EUVD-2026-20357

2026-04-08 Patchstack

GHSA-w8h8-x9fm-43m9

Lifecycle Timeline

EUVD ID Assigned

Apr 08, 2026 - 08:45 euvd

EUVD-2026-20357

CVE Published

Apr 08, 2026 - 08:30 nvd

N/A

Description

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Creatives_Planet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through <= 3.9.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +0

POC: 0

CVE-2026-39677 vulnerability details – vuln.today

Back

CVE-2026-39677

Lifecycle Timeline

Tags

Description

Analysis

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-39677

Lifecycle Timeline

Tags

Description

Analysis

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code