All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-12194
LOWpublished 2026-07-04 08:16 UTC · 7 hours ago
2.3
CVSS / 10
// description
PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations.
// weaknesses (CWE)
- CWE-98