CVE-2026-6057

CVE-2026-6057: Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution

Vendor Falkordb
Product FalkorDB Browser
Weakness CWE-22 · Path traversal
Published April 10, 2026
Last update April 10, 2026

CVSS base score

What the vulnerability does

01Description

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.

Key dates

02Disclosure timeline

April 10, 2026 CVE published
April 10, 2026 Record updated

Related vulnerabilities

04Related CVE