CVE-2026-42028

Published May 8th, 2026

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intended gallery root directory. This issue has been patched in version 2.1.1.

novaGallery/novagallery

novaGallery - a beautiful and and ease to use php image gallery for your photos - flat file - no database required - modern responsive design

GitHub

102