Ghostwire
Home / Vulnerabilities / CVE-2026-8208

CVE-2026-8208: Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the...

UNKNOWN CVSS 0.0

Published: May 9, 2026 | Last Modified: May 9, 2026

Description

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in compromise of the underlying web server.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

CVE Feed
CVE-2026-8208 - Gibbon Local File Inclusion Remote Command Execution

References