top of page
perceptive_background_267k.jpg

A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function _get_file of the file iopaint/file_manager/file_manager.py of the component File Ma…

Published:

31 March 2026 at 22:00:00

Alert date:

1 April 2026 at 08:00:52

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A path traversal vulnerability (CVE-2026-5258) was discovered in Sanster IOPaint version 1.5.3. The vulnerability affects the _get_file function in the file manager component, allowing attackers to manipulate the filename argument to perform path traversal attacks. The vulnerability can be exploited remotely, and exploit code has been publicly released. The vendor was notified but did not respond to the disclosure.

Technical details

Mitigation steps:

Affected products:

Sanster IOPaint

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-5258
https://github.com/August829/CVEP/issues/11
https://vuldb.com/submit/780666
https://vuldb.com/vuln/354448
https://vuldb.com/vuln/354448/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page