COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:13 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:13 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// intelligence feed

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:13 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

// cve detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources
Events
Certificates
Arsenal
Tools
About

Connect

GitHub
LinkedIn
Email

CVE-2026-48941 | COSMOS

COSMOS INTELLIGENCE SYSTEM·NVD SYNC: IDLE·KEV: 0 ENTRIES·RATE: 0/HR0%

·LAST SYNC: 10:33:13 PM NPT

./cosmos

Intelligence News Scholarships Blog Resources Events Certificates Arsenal Tools About

LIVE

All intelligence

// vulnerability record

cached · NVD via COSMOS sync

CVE-2026-48941

MEDIUM

published 2026-06-25 16:16 UTC · 3 days ago · modified 2026-06-26 17:44 UTC

6.5

CVSS / 10

// description

The K2 frontend `item.checkin` task accepts an unauthenticated `sigProFolder` query parameter and uses it directly to address a `JFolder::delete()` call under `/media/k2/galleries/`

// cvss 3.1 vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

// weaknesses (CWE)

CWE-862

// references (1)

https://www.getk2.org/

NVD detail

./cosmos

Cybersecurity intelligence, research, and operational infrastructure.

Platform

Home
Intelligence
News
Digest
Scholarships
Blog
Resources

Connect

GitHub
LinkedIn
Email