Skip to main content
Loading…
    CVE-2026-5026 — The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. — CVE Database · The Intelligence Room