Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-8326
PUBLISHED
More InfoOfficial Page
Assigner-NCSC.ch
Assigner Org ID-455daabc-a392-441d-aa46-37d35189897c
View Known Exploited Vulnerability (KEV) details
Published At-29 May, 2026 | 11:47
Updated At-29 May, 2026 | 13:34
Rejected At-
▼CVE Numbering Authority (CNA)
Remote Spark SparkView Path Traversal in RDP Drive Redirection leading to RCE

Path traversal vulnerability in Remote Spark (https://www.Remotespark.Com/) SparkView allows reading and writing arbitrary files in all directories as root. This leads to RCE. The affected component is the RDP drive redirection.  Depending on implementation, the vulnerability can be exploited by an unauthenticated attacker. This issue affects SparkView: before build 1127.

Affected Products
Vendor
Remote Spark (https://www.remotespark.com/)
Product
SparkView
Default Status
unaffected
Versions
Affected
  • From 0 before build 1127 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-23CWE-23 Relative path traversal
Type: CWE
CWE ID: CWE-23
Description: CWE-23 Relative path traversal
Metrics
VersionBase scoreBase severityVector
4.010.0CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Version: 4.0
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-75CAPEC-75 Manipulating Writeable Configuration Files
CAPEC-242CAPEC-242 Code Injection
CAPEC-126CAPEC-126 Path Traversal
CAPEC ID: CAPEC-75
Description: CAPEC-75 Manipulating Writeable Configuration Files
CAPEC ID: CAPEC-242
Description: CAPEC-242 Code Injection
CAPEC ID: CAPEC-126
Description: CAPEC-126 Path Traversal
Solutions

Update to build 1127

Configurations
Workarounds
Exploits
Credits
finder
Manuel Feifel of InfoGuard Labs
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.remotespark.com/view/new.html
release-notes
Hyperlink: https://www.remotespark.com/view/new.html
Resource:
release-notes
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found