2026-03-26 11:37:52
INCIBE
PUBLISHED
Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in / allows remote users to bypass the intended restrictions of SecurityManager and display any file if they have the appropriate permissions outside the document root configured on the server.