CVE-2026-35047

CRITICAL9.3Remote code exec

Description

Brave CMS is an open-source CMS. Prior to 2.0.6, an Unrestricted File Upload vulnerability in the CKEditor endpoint allows attackers to upload arbitrary files, including executable scripts. This may lead to Remote Code Execution (RCE) on the server, potentially resulting in full system compromise, data exfiltration, or service disruption. All users running affected versions of BraveCMS are impacted. This vulnerability is fixed in 2.0.6.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

None

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

Ajax30 / BraveCMS-2.0< 2.0.6 – < 2.0.6

References

VENDOR_ADVISORYhttps://github.com/Ajax30/BraveCMS-2.0/security/advisories/GHSA-9rcc-w59j-965v
PATCHhttps://github.com/Ajax30/BraveCMS-2.0/pull/122
PATCHhttps://github.com/Ajax30/BraveCMS-2.0/commit/058ee4ed7c2b39d540af8274024afcbc9532aa83