CVE-2026-16088 - halo-dev halo Files Backup Endpoint MigrationEndpoint.java download path traversal
CVE ID :CVE-2026-16088
Published : July 18, 2026, 10:17 a.m. | 2 hours, 31 minutes ago
Description :A vulnerability was detected in halo-dev halo up to 2.24.2. Affected by this vulnerability is the function Download of the file MigrationEndpoint.java of the component Files Backup Endpoint. Performing a manipulation results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : July 18, 2026, 10:17 a.m. | 2 hours, 31 minutes ago
Description :A vulnerability was detected in halo-dev halo up to 2.24.2. Affected by this vulnerability is the function Download of the file MigrationEndpoint.java of the component Files Backup Endpoint. Performing a manipulation results in path traversal. The attack is possible to be carried out remotely. The exploit is now public and may be used.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...