File Management Interface Vulnerability in File Browser by File Browser Team
CVE-2026-62685

8.1HIGH

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-62685?

A flaw in the File Browser allows users to gain unauthorized access to files owned by other users due to the improper normalization of usernames. In versions before 2.63.17, the application failed to ensure that the resulting user scopes from normalized usernames were unique, potentially allowing a second user to register under a normalized username match and access another user's files. This vulnerability emphasizes the need for robust input validation and user scope management to maintain data confidentiality and integrity.

Affected Version(s)

filebrowser < 2.63.17

References

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.