CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-40184

TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.7%

CVSS Severity

CVSS v3 Score 3.7

References

https://github.com/mauriceboe/TREK/commit/16277a3811a00c2983f7486fee83c112986cb179
https://github.com/mauriceboe/TREK/releases/tag/v2.7.2
https://github.com/mauriceboe/TREK/security/advisories/GHSA-wxx3-84fc-mrx2

Products affected by CVE-2026-40184

Mauriceboe » Trek » Version: Any

cpe:2.3:a:mauriceboe:trek:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-40184

Products

Pricing

Contact Us