Path Traversal Vulnerability in Vertex Management Tool for Streaming Services
CVE-2024-40646

8.6HIGH

Key Information:

Vendor: Vertex-app
Status: Vertex
Vendor: CVE Published:; 1 June 2026

What is CVE-2024-40646?

The Vertex management tool, utilized by Private Tracker users for handling video streaming and watching, is susceptible to path traversal vulnerabilities in versions earlier than commit fbde301b97986d5913fc4bc95f5445750d282e11. This security issue may allow unauthorized access to sensitive files on the server. To ensure the integrity and security of your application, it is essential to update to the latest version that includes the necessary patches. For detailed information and patches, refer to the security advisory provided in the vertex GitHub repository.

Affected Version(s)

vertex < fbde301b97986d5913fc4bc95f5445750d282e11

References

https://github.com/vertex-app/vertex/security/advisories/...

x_refsource_CONFIRM

https://github.com/vertex-app/vertex/commit/fbde301b97986...

x_refsource_MISC

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Jul 8, 2024

CVE-2024-40646 Data

JSON

Vertex-app

What is CVE-2024-40646?

Affected Version(s)

References

CVSS V3.1

Timeline