CVE-2026-35047
CRITICAL
Brave CMS has Unrestricted File Upload in BraveCMS via CKEditor Endpoint
Title source: cna
Description
Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full system compromise, data exfiltration, or service disruption. All users running affected versions of BraveCMS are impacted. This vulnerability is fixed in 2.0.6.
References (3)
Core References
x_refsource_confirm
https://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-9rcc-w59j-965v
x_refsource_misc
https://github.com/Ajax30/BraveCMS-2.0/pull/122
x_refsource_misc
https://github.com/Ajax30/BraveCMS-2.0/commit/058ee4ed7c2b39d540af8274024afcbc9532aa83
Scores
CVSS v3
9.8
EPSS
0.0055
EPSS Percentile
41.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (2)
ajax30/bravecms
2.0.0 - 2.0.6
Ajax30/BraveCMS-2.0
< 2.0.6
Published
Apr 06, 2026
Tracked Since
Apr 06, 2026