What is the CVSS score of EUVD-2026-18507?

EUVD-2026-18507 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Fireshare are affected by EUVD-2026-18507?

Fireshare versions below 1.5.3 contain a critical arbitrary file write vulnerability in the public upload endpoint that allows unauthenticated attackers to upload malicious files to any server…. A patch is available.

How to fix or mitigate EUVD-2026-18507?

Within 24 hours: Identify all Fireshare deployments and document current versions; disable or restrict access to the /api/uploadChunked/public endpoint if running versions below 1.5.3. Within 7 days: Upgrade all Fireshare instances to version 1.5.3 or later per vendor advisory. Within 30 days: Conduct file integrity audit of upload directories, review upload logs for suspicious activity dating back 90 days, and implement network controls restricting upload endpoint access to authorized users only.

Fireshare EUVD-2026-18507

| CVE-2026-34745 CRITICAL

Path Traversal (CWE-22)

2026-04-02 GitHub_M

Path Traversal Fireshare

9.1

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 16, 2026 - 05:47 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

Patch available

Apr 16, 2026 - 05:29 EUVD

1.5.3

EUVD ID Assigned

Apr 02, 2026 - 19:01 euvd

EUVD-2026-18507

Analysis Generated

Apr 02, 2026 - 19:01 vuln.today

CVE Published

Apr 02, 2026 - 18:38 nvd

CRITICAL 9.1

DescriptionGitHub Advisory

Fireshare facilitates self-hosted media and link sharing. Prior to version 1.5.3, the fix for CVE-2026-33645 was applied to the authenticated /api/uploadChunked endpoint but was not applied to the unauthenticated /api/uploadChunked/public endpoint in the same file (app/server/fireshare/api.py). An unauthenticated attacker can exploit the checkSum parameter to write arbitrary files with attacker-controlled content to any writable path on the server filesystem. This issue has been patched in version 1.5.3.

AnalysisAI

Arbitrary file write in Fireshare <1.5.3 allows unauthenticated remote attackers to upload malicious files to any writable server path via path traversal in the /api/uploadChunked/public endpoint's checkSum parameter. This represents an incomplete fix for CVE-2026-33645, where remediation was applied only to the authenticated endpoint while leaving the public variant exploitable. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Send crafted request to /api/uploadChunked/public endpoint

Exploit

Manipulate checkSum parameter with path traversal payload

Execution

Write arbitrary file to server filesystem

Impact

Compromise system integrity and availability

Access

Send crafted request to /api/uploadChunked/public endpoint

Exploit

Manipulate checkSum parameter with path traversal payload

Execution

Write arbitrary file to server filesystem

Impact

Compromise system integrity and availability

Vulnerability AssessmentAI

Exploitation	Fireshare versions prior to 1.5.3 with the unauthenticated /api/uploadChunked/public endpoint exposed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Real-world risk is high despite no confirmed active exploitation (CISA KEV). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An unauthenticated attacker identifies a publicly accessible Fireshare instance and sends a crafted POST request to /api/uploadChunked/public with a checkSum parameter containing path traversal sequences such as ../../../../var/www/html/shell.php. The server writes the attacker-supplied file chunk to the specified path without validation, placing a PHP web shell in the webroot. …
Remediation	Upgrade immediately to Fireshare version 1.5.3, released by the vendor to address this vulnerability. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Fireshare deployments and document current versions; disable or restrict access to the /api/uploadChunked/public endpoint if running versions below 1.5.3. …

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-18507 vulnerability details – vuln.today

Back

Fireshare EUVD-2026-18507

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code