CVE-2026-9129

216.73.217.22

· Published 20/05/2026 20:16 · Modified 21/05/2026 15:24

Labels: CVE-2026-9129 2026-05-20 4760f414-e1ae-4ff1-bdad-c7a9c3538b79 CVE-2026-9129 CWE-22

Essential information

Published: 20/05/2026 20:16
Modified: 21/05/2026 15:24
Author: —
Creator: —
CVSS: 9.4 CRITICAL (v3) 9.4 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causing the configured storage root to be discarded and allowing arbitrary files to be read from the server filesystem. Because the readable files include the server's master configuration, which stores database credentials, signing key locations, certificate passwords, and OAuth secrets, exploitation can lead to disclosure of all server secrets and full compromise of the server and its data. Cloud deployments are not affected, as they use object storage and do not enable this component.

NVD status

Status: Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source: 4760f414-e1ae-4ff1-bdad-c7a9c3538b79
NVD: View on NVD

Affected products (CPE)

Product	CPE
altium / altium enterprise server	`cpe:2.3:a:altium:altium_enterprise_server::::::::`