Filtered by vendor Manyfold3d
Subscriptions
Filtered by product Manyfold
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27635 | 1 Manyfold3d | 1 Manyfold | 2026-02-26 | 7.5 High |
| Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, a logged-in user can achieve RCE by uploading a ZIP containing a file with a shell metacharacter in its name. The filename reaches a Ruby backtick call unsanitized. Version 0.133.0 fixes the issue. | ||||
| CVE-2026-27933 | 1 Manyfold3d | 1 Manyfold | 2026-02-26 | 6.8 Medium |
| Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Versions prior to 0.133.0 are vulnerable to session hijack via cookie leakage in proxy caches. Version 0.133.0 fixes the issue. | ||||
Page 1 of 1.