{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T11:57:13.434","vulnerabilities":[{"cve":{"id":"CVE-2026-28270","sourceIdentifier":"security-advisories@github.com","published":"2026-02-27T21:16:18.397","lastModified":"2026-03-04T19:50:06.187","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch for the issue."},{"lang":"es","value":"Kiteworks es una red de datos privada (PDN). Antes de la versión 9.2.0, una vulnerabilidad en la configuración de Kiteworks permite la carga de archivos arbitrarios sin la validación adecuada. Administradores maliciosos podrían explotar esto para cargar tipos de archivos no autorizados al sistema. La versión 9.2.0 contiene un parche para el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:accellion:kiteworks:*:*:*:*:*:*:*:*","versionEndExcluding":"9.2.0","matchCriteriaId":"B494C8D4-2D4B-4F5E-99C1-4CCE8DF6C911"}]}]}],"references":[{"url":"https://github.com/kiteworks/security-advisories/security/advisories/GHSA-v8x9-vwg6-cj45","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}