CVE-2026-6057

Unauthenticated Path Traversal in FalkorDB Browser Leads to Remote Code Execution

Description

FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.

INFO

Published Date :

2026-04-10T09:16:30.338Z

Last Modified :

2026-04-10T20:25:53.551Z

Source :

securin

AFFECTED PRODUCTS

The following products are affected by CVE-2026-6057 vulnerability.

Vendors	Products
Falkordb	Falkordb Browser

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-6057.

URL	Resource
https://github.com/FalkorDB/falkordb-browser
https://github.com/FalkorDB/falkordb-browser/pull/1611

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact