Is there a patch available for EUVD-2026-30294?

Yes, a patch is available for EUVD-2026-30294. Update the affected software to the latest version immediately.

Vvveb EUVD-2026-30294

Q: What is the CVSS score of EUVD-2026-30294?

EUVD-2026-30294 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-41933 MEDIUM

Exposure of Information Through Directory Listing (CWE-548)

2026-05-14 disclosure@vulncheck.com

GHSA-f8fj-4vvj-89gh

Information Disclosure

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Patch available

May 14, 2026 - 16:01 EUVD

Source Code Evidence Fetched

May 14, 2026 - 15:33 vuln.today

Analysis Generated

May 14, 2026 - 15:33 vuln.today

CVE Published

May 14, 2026 - 15:16 nvd

MEDIUM 6.9

DescriptionNVD

Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths lacking proper index directives in .htaccess files. Attackers can access directories such as admin asset paths, plugins, themes, and media folders to view filenames, file sizes, modification timestamps, and unrendered admin templates containing sensitive route maps.

AnalysisAI

Vvveb before 1.0.8.3 allows unauthenticated remote attackers to enumerate sensitive files and directories through directory listing information disclosure. Multiple directories including admin, plugins, themes, and media folders lack proper index directives in .htaccess files, permitting attackers to view filenames, file sizes, modification timestamps, and unrendered admin templates that expose sensitive route maps. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-30294 vulnerability details – vuln.today

Back

Vvveb EUVD-2026-30294

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Analysis

Full analysis requires sign-in

Share

Vvveb EUVD-2026-30294

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code