CVE-2026-50869

CRITICALPre-NVD 9.89.8—Trending — 3 sources updated this weekElevated

9.8

An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request.

CVSS v3: 9.8
EG Score: 9.8(high)
EPSS: 49.0%
KEV: Not listed

Published

June 15, 2026

Last Modified

June 16, 2026

Advisory Details (1)

Auto-updated Jun 24, 2026

No patch confirmed yet.

generic

Reference for CVE-2026-50869 · GitHub

https://gist.github.com/pyuysig/95931ed2140f3bd85dc67057dd23a47f

Vendor Advisories for CVE-2026-50869(1)

These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.

GHSA-fx7h-q7c6-m6ch
GitHub Security AdvisoriesCritical
An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a...

Weakness Classification(1)

MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.

CWE-22Path Traversal

Data Freshness Timeline

(refreshed 75× in last 7d / 81× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

2026-06-24 14:05 UTCEPSS rescore
2026-06-24 13:23 UTCEG score recompute
2026-06-24 13:23 UTCGHSA enrichment
2026-06-24 08:35 UTCEG score recompute
2026-06-24 08:35 UTCGHSA enrichment
2026-06-24 04:20 UTCEG score recompute
2026-06-24 04:20 UTCGHSA enrichment
2026-06-23 23:42 UTCEG score recompute
2026-06-23 23:42 UTCGHSA enrichment
2026-06-23 21:33 UTCEPSS rescore
2026-06-23 21:33 UTCEPSS rescore
2026-06-23 19:23 UTCEG score recompute
2026-06-23 19:23 UTCGHSA enrichment
2026-06-23 15:08 UTCEG score recompute
2026-06-23 15:08 UTCGHSA enrichment
2026-06-23 10:43 UTCEG score recompute
2026-06-23 10:42 UTCGHSA enrichment
2026-06-23 06:27 UTCEG score recompute
2026-06-23 06:27 UTCGHSA enrichment
2026-06-23 02:09 UTCEG score recompute
2026-06-23 02:09 UTCGHSA enrichment
2026-06-22 21:50 UTCEG score recompute
2026-06-22 21:50 UTCGHSA enrichment
2026-06-22 17:18 UTCEG score recompute
2026-06-22 17:18 UTCGHSA enrichment

Show 56 more

2026-06-22 14:25 UTCEPSS rescore
2026-06-22 14:25 UTCEPSS rescore
2026-06-22 12:32 UTCEG score recompute
2026-06-22 12:32 UTCGHSA enrichment
2026-06-22 08:15 UTCEG score recompute
2026-06-22 08:15 UTCGHSA enrichment
2026-06-22 03:56 UTCEG score recompute
2026-06-22 03:56 UTCGHSA enrichment
2026-06-21 23:41 UTCEG score recompute
2026-06-21 23:41 UTCGHSA enrichment
2026-06-21 18:38 UTCEG score recompute
2026-06-21 18:38 UTCGHSA enrichment
2026-06-21 14:56 UTCEPSS rescore
2026-06-21 14:56 UTCEPSS rescore
2026-06-21 14:09 UTCEG score recompute
2026-06-21 14:09 UTCGHSA enrichment
2026-06-21 09:54 UTCEG score recompute
2026-06-21 09:54 UTCGHSA enrichment
2026-06-21 05:39 UTCEG score recompute
2026-06-21 05:39 UTCGHSA enrichment
2026-06-21 01:59 UTCEPSS rescore
2026-06-21 01:59 UTCEPSS rescore
2026-06-21 01:24 UTCEG score recompute
2026-06-21 01:24 UTCGHSA enrichment
2026-06-20 21:09 UTCEG score recompute
2026-06-20 21:09 UTCGHSA enrichment
2026-06-20 16:50 UTCEG score recompute
2026-06-20 16:50 UTCGHSA enrichment
2026-06-20 12:16 UTCEG score recompute
2026-06-20 12:16 UTCGHSA enrichment
2026-06-20 08:01 UTCEG score recompute
2026-06-20 08:01 UTCGHSA enrichment
2026-06-20 03:44 UTCEG score recompute
2026-06-20 03:44 UTCGHSA enrichment
2026-06-19 23:22 UTCEG score recompute
2026-06-19 23:21 UTCGHSA enrichment
2026-06-19 19:26 UTCEPSS rescore
2026-06-19 19:26 UTCEPSS rescore
2026-06-19 19:04 UTCEG score recompute
2026-06-19 19:04 UTCGHSA enrichment
2026-06-19 14:43 UTCEG score recompute
2026-06-19 14:43 UTCGHSA enrichment
2026-06-19 10:24 UTCEG score recompute
2026-06-19 10:24 UTCGHSA enrichment
2026-06-19 05:57 UTCEG score recompute
2026-06-19 05:57 UTCGHSA enrichment
2026-06-19 01:11 UTCEG score recompute▲ 9.80
2026-06-19 01:11 UTCGHSA enrichment
2026-06-18 17:52 UTCEPSS rescore
2026-06-18 17:52 UTCEPSS rescore
2026-06-17 17:53 UTCEPSS rescore
2026-06-16 17:53 UTCEPSS rescore
2026-06-16 14:59 UTCMITRE cvelistV5CVSS v3 → 9.8 · severity → CRITICAL
2026-06-15 21:45 UTCNVD update
2026-06-15 19:23 UTCEG score recompute
2026-06-15 19:19 UTCMITRE cvelistV5first tracked

Frequently asked(5)

What is CVE-2026-50869?

CVE-2026-50869 is a critical vulnerability published on June 15, 2026. An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request.

When was CVE-2026-50869 disclosed?

CVE-2026-50869 was first published in the National Vulnerability Database on June 15, 2026, with the most recent update on June 16, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.

Is CVE-2026-50869 actively exploited?

CVE-2026-50869 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 49.0% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.

What is the CVSS score of CVE-2026-50869?

CVE-2026-50869 has a CVSS v3.1 base score of 9.8 (CISA-ADP / Vulnrichment enrichment; NVD's own analysis pending).

How do I remediate CVE-2026-50869?

Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2026-50869, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2026-50869

Explore →

Is Your Infrastructure Affected by CVE-2026-50869?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2026-50869

📅 Published

🔄 Last Modified

📋 Advisory Details (1)

Reference for CVE-2026-50869 · GitHub

📣 Vendor Advisories for CVE-2026-50869(1)

Weakness Classification(1)

Data Freshness Timeline

❓ Frequently asked(5)