FalkorDB Browser Path Traversal Vulnerability Allowing Unauthenticated Remote Code Execution

Vulnerability

A path traversal vulnerability has been identified in FalkorDB Browser version 1.9.3. The flaw is in the file upload API, which lacks proper authentication and validation, so a remote attacker can write arbitrary files to the server. This arbitrary file write can be leveraged to achieve remote code execution on the server.

Impact

Exploitation of this vulnerability allows for unauthenticated remote code execution on the server where FalkorDB Browser is running.

Remediation

Users can update to the latest version of FalkorDB Browser, which includes a patch for this vulnerability. Instructions for updating are available in the FalkorDB Browser repository on GitHub.
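
For teams reviewing their own upload handlers for the same class of flaw, the following added example (not FalkorDB Browser code and not its patch) shows the two checks the description says were missing: authentication before any write, and confinement of the client-supplied file name to the upload directory. UPLOAD_ROOT, the session object and the function names are assumptions made for illustration.

```javascript
const path = require("node:path");

// Hypothetical upload directory (assumption, not a FalkorDB Browser path).
const UPLOAD_ROOT = "/srv/app/uploads";
// Allow-list for ONE file name component: no separators, no '%', no NUL,
// no leading dot, at most 128 characters.
const SAFE_NAME = /^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/;

function resolveUploadPath(clientName, root = UPLOAD_ROOT) {
  if (typeof clientName !== "string" || !SAFE_NAME.test(clientName) ||
      clientName.includes("..")) {
    throw new Error("rejected file name");
  }
  const base = path.resolve(root);
  const target = path.resolve(base, clientName);
  // Defense in depth: compare against base plus separator, so a sibling
  // directory such as /srv/app/uploads-old can never pass a prefix check.
  if (!target.startsWith(base + path.sep)) {
    throw new Error("path escapes upload root");
  }
  return target;
}

// Decide the outcome of an upload request before any byte is written.
// `session` stands in for whatever the application's auth layer returns.
function checkUpload(session, clientName) {
  if (!session || !session.user) {
    return { status: 401, error: "authentication required" };
  }
  try {
    return { status: 200, target: resolveUploadPath(clientName) };
  } catch (err) {
    return { status: 400, error: err.message };
  }
}

// Constructed sample requests (session, file name as sent by the client).
const samples = [
  [{ user: "alice" }, "graph.csv"],
  [null, "graph.csv"],
  [{ user: "alice" }, "../../outside.txt"],
  [{ user: "alice" }, "..%2f..%2foutside.txt"],
  [{ user: "alice" }, "/tmp/outside.txt"],
];
for (const [session, name] of samples) {
  console.log(JSON.stringify(name), "->", JSON.stringify(checkUpload(session, name)));
}
```

Rejecting anything outside the allow-list, rather than trying to strip traversal sequences, keeps encoded and backslash variants from needing separate handling.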

Added: Apr 10, 2026, 11:02 AM
Updated: Apr 10, 2026, 11:02 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 7.4
remediation: 0.0
relevance: 5.6
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.