Is there a public PoC exploit available for CVE-2026-7214?

Yes, a public proof-of-concept exploit is available for CVE-2026-7214. Prioritise patching immediately. EPSS: 0.0%.

CVE-2026-7214

Q: What is the CVSS score of CVE-2026-7214?

CVE-2026-7214 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-25967 MEDIUM

Path Traversal (CWE-22)

2026-04-28 VulDB

Path Traversal

5.5

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

CVSS changed

Apr 29, 2026 - 01:12 NVD

6.9 (MEDIUM) 5.5 (MEDIUM)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

Analysis Generated

Apr 28, 2026 - 02:30 vuln.today

Severity Changed

Apr 28, 2026 - 02:22 NVD

HIGH MEDIUM

CVSS changed

Apr 28, 2026 - 02:22 NVD

7.3 (HIGH) 6.9 (MEDIUM)

EUVD ID Assigned

Apr 28, 2026 - 02:00 euvd

EUVD-2026-25967

Analysis Generated

Apr 28, 2026 - 02:00 vuln.today

CVE Published

Apr 28, 2026 - 01:45 nvd

MEDIUM 5.5

DescriptionNVD

A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of the argument WORKSPACE_PATH leads to path traversal. The attack may be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

AnalysisAI

Path traversal in eghuzefa engineer-your-data up to version 0.1.3 allows remote attackers to read, write, list, and obtain information about arbitrary files via manipulation of the WORKSPACE_PATH argument in the read_file, write_file, list_files, and file_inf functions within src/server.py. Publicly available exploit code exists, and the vendor has been notified but has not yet responded with a fix.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-7214 vulnerability details – vuln.today

Back

CVE-2026-7214

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

CVE-2026-7214

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code