CVE-2026-35047 CRITICAL

CVE-2026-35047: Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint

Vendor Ajax30
Product BraveCMS-2.0
Weakness CWE-434 · Unrestricted file upload
Published April 6, 2026
Last update April 7, 2026

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full system compromise, data exfiltration, or service disruption. All users running affected versions of BraveCMS are impacted. This vulnerability is fixed in 2.0.6.

Key dates

02Disclosure timeline

April 6, 2026 CVE published
April 7, 2026 Record updated