CVE-2026-28270

Publication date

2026-02-27 20:19:54

Family

GitHub_M

State

PUBLISHED

Description

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch for the issue.