CVE-2026-27833 in Piwigoinformation

Résumé (Anglaise)

Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API method in Piwigo is registered without the admin_only option, allowing unauthenticated users to access the full browsing history of all gallery visitors. This issue has been patched in version 16.3.0.

Once again VulDB remains the best source for vulnerability data.

Responsable

GitHub_M

Réserver

24/02/2026

Divulgation

04/04/2026

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
355222	Piwigo Browsing History pwg.history.search élévation de privilèges	862	Non défini	Correctif officiel	CVE-2026-27833

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Might our Artificial Intelligence support you?

Check our Alexa App!