Description

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command.

Remediation

References

CVE-2026-4147

Related Vulnerabilities

WordPress Plugin Ajax Search Lite Security Bypass (3.1)

Nexus Repository Manager Incorrect Authorization Vulnerability (CVE-2018-16620)

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.9)

WordPress Plugin Activity Log Cross-Site Scripting (2.3.1)

WordPress Plugin Bitcoin Faucet Cross-Site Scripting (1.0.12)

Severity

Medium

Classification

CVE-2026-4147 CWE-908 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities