{"uuid": "128f0773-8983-442d-a46d-7af7b61fbe93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-23734", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116612099529875004", "content": "\u26a0\ufe0f CRITICAL: CVE-2026-23734 in XWiki Platform (xwiki-commons) allows unauthenticated path traversal \u2014 attackers can read config files via crafted 'resource' parameters. Patch to 18.1.0-rc-1, 17.10.3, 17.4.9, or 16.10.17+ now! https://radar.offseq.com/threat/cve-2026-23734-cwe-23-relative-path-traversal-in-x-16518aab #OffSeq #xwiki #vuln", "creation_timestamp": "2026-05-21T10:30:29.608958Z"}