CVE-2026-56291
Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability
⚠ KEVEPSS 0.28%
Description
Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.
How to fix CVE-2026-56291
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2026-56291 being exploited?
Yes — CVE-2026-56291 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.