HomeCVE Intelligence › CVE-2026-54065
CVSS 8.7 HIGH Vulnerability

CVE-2026-54065: NukeViet: Path Traversal to Arbitrary File Deletion in Edit Comment Function

Summary Path Traversal to Arbitrary File Deletion in the Edit Comment admin function. An authenticated administrator can delete arbitrary files within the application root (e.g., config.php) by injecting a crafted attac…

8.7CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-54065
Vendorcomposer
Affected Productnukeviet/nukeviet
Vulnerability TypeVulnerability
CVSS Score8.7 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Summary Path Traversal to Arbitrary File Deletion in the Edit Comment admin function. An authenticated administrator can delete arbitrary files within the application root (e.g., config.php) by injecting a crafted attach parameter, rendering the application inoperable.

Affected Component modules/comment/admin/edit.php

Root Cause In the vulnerable version, the attach parameter received via HTTP POST was not validated before being processed: ``php

// Vulnerable code (before fix) $attach = $nv_Request->get_string('attach', 'post', '', true); if (!empty($attach)) { $attach = substr($attach, strlen(NV_BASE_SITEURL . NV_UPLOADS_DIR . '/' . $module_upload . '/')); } ` substr() strips the first N characters (equal to the length of the upload URL prefix, e.g. 26 chars for /nu

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-54065 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence