CVE-2026-29858

Published: Mar 18, 2026 Last Modified: Mar 18, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

A lack of path validation in aaPanel v7.57.0 allows attackers to execute a local file inclusion (LFI), leadingot sensitive information exposure.

https://github.com/aapanel/aapanel
https://github.com/aapanel/aapanel
https://github.com/mbiesiad/vulnerability-research/tree/mai…
https://github.com/mbiesiad/vulnerability-research/tree/main/CVE-2026-29858