File Management Vulnerability in File Browser by File Browser
CVE-2026-62683

3.1LOW

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-62683?

Prior to version 2.63.17, File Browser had a flaw that could lead to stale public directory shares persisting after a directory's deletion. When a deleted directory was accessed via a path ending in a trailing slash, the underlying system failed to remove the associated public share, potentially exposing sensitive files if a new directory with the same name was created. This vulnerability was addressed in version 2.63.17, which ensures proper cleanup of public shares when directories are appropriately deleted.

Affected Version(s)

filebrowser < 2.63.17

References

CVSS V3.1

Score:
3.1
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.