CVE-2026-9129
published 2026-05-20CVE-2026-9129: A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On…
PriorityP356critical9.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCHSIHSAHEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.24%
14.9th percentile
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causing the configured storage root to be discarded and allowing arbitrary files to be read from the server filesystem.
Because the readable files include the server's master configuration, which stores database credentials, signing key locations, certificate passwords, and OAuth secrets, exploitation can lead to disclosure of all server secrets and full compromise of the server and its data. Cloud deployments are not affected, as they use object storage and do not enable this component.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| altium | altium_enterprise_server | < 8.0.4 | 8.0.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Altium Enterprise Server up to 8.0.3 Viewer Storage API path traversal
vuldb·2026-05-20·CVSS 9.4
CVE-2026-9129 [CRITICAL] Altium Enterprise Server up to 8.0.3 Viewer Storage API path traversal
A vulnerability was found in Altium Enterprise Server up to 8.0.3. It has been rated as critical. This impacts an unknown function of the component Viewer Storage API. This manipulation causes path traversal.
This vulnerability is registered as CVE-2026-9129. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
GHSA
GHSA-3qfq-f4q6-pq76: A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters
ghsa_unreviewed·2026-05-20
CVE-2026-9129 [CRITICAL] CWE-22 GHSA-3qfq-f4q6-pq76: A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causing the configured storage root to be discarded and allowing arbitrary files to be read from the server filesystem.
Because the readable files include the server's master configuration, which stores database credentials, signing key locations, certificate passwords, and OAuth secrets, exploitation can lead to disclosure of all server secrets and full compromise of the server and its data. Cloud deployments are not affected, as they use object
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-20
Published