CVE-2026-33486

Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web server process has access to, including highly sensitive environment variables, database credentials, and internal configuration files. Versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 contain a patch.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/roadiz/core-bundle-dev-app/commit/7904f690a51b88b1c72c02149ebdf85fa81f19f2
https://github.com/roadiz/core-bundle-dev-app/security/advisories/GHSA-rc55-58f4-687g

Configurations

No configuration.

History

No history.

Information

Published : 2026-03-26 18:16

Updated : 2026-03-30 13:26

NVD link : CVE-2026-33486

Mitre link : CVE-2026-33486

CVE.ORG link : CVE-2026-33486

JSON object : View

Products Affected

No product.

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2026-33486", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 2.3}]}, "published": "2026-03-26T18:16:29.903", "references": [{"url": "https://github.com/roadiz/core-bundle-dev-app/commit/7904f690a51b88b1c72c02149ebdf85fa81f19f2", "source": "security-advisories@github.com"}, {"url": "https://github.com/roadiz/core-bundle-dev-app/security/advisories/GHSA-rc55-58f4-687g", "source": "security-advisories@github.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web server process has access to, including highly sensitive environment variables, database credentials, and internal configuration files. Versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 contain a patch."}, {"lang": "es", "value": "Roadiz es un sistema de gesti\u00f3n de contenido polim\u00f3rfico basado en un sistema de nodos que puede manejar muchos tipos de servicios. Una vulnerabilidad en roadiz/documents anterior a las versiones 2.7.9, 2.6.28, 2.5.44 y 2.3.42 permite a un atacante autenticado leer cualquier archivo en el sistema de archivos local del servidor al que el proceso del servidor web tiene acceso, incluyendo variables de entorno altamente sensibles, credenciales de base de datos y archivos de configuraci\u00f3n internos. Las versiones 2.7.9, 2.6.28, 2.5.44 y 2.3.42 contienen un parche."}], "lastModified": "2026-03-30T13:26:50.827", "sourceIdentifier": "security-advisories@github.com"}