CVE-2026-6057: FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows...

Description

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.

Ghostwire Analysis — What This Means Practically

Exploitation Probability (EPSS): Low — 0.09% (25th percentile)

Low exploitation probability based on current threat landscape data. Standard patching timeline is appropriate.

Critical CVSS score indicates maximum severity — remote code execution, authentication bypass, or complete system compromise is likely possible.
Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

CVE-2026-6057: FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows...

Description

Ghostwire Analysis — What This Means Practically

Security Coverage (2 articles)

References