EUVD-2026-21515
GHSA-8hw4-fhww-273g
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Lifecycle Timeline
4Description
Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authentication token could cause the application to write attacker-controlled content to a filesystem location writable by the Bugsink process. This vulnerability is fixed in 2.1.1.
Analysis
Authenticated arbitrary file write in Bugsink 2.1.0 allows remote attackers to write malicious content to filesystem locations accessible by the application process through exploitation of the artifact bundle assembly flow. Attackers holding valid authentication tokens can achieve high-integrity impact and partial availability disruption by manipulating file operations. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Bugsink deployments and confirm version 2.1.0 instances; restrict authentication token distribution and audit active tokens for unauthorized issuance. Within 7 days: Implement filesystem access controls and file integrity monitoring on Bugsink application directories; consider isolating Bugsink instances to sandboxed containers with minimal write permissions. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today