CVE-2026-9053

Summary

Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file path, and then conceal this form element.

Affected Software

VendorProductVersion RangeStatus
9front9frontf04e113279274526a8dae34de373027b68921fbf < d145acc9ef0da47131af6ad94e87264e04870d47affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References