CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-40084

mediumCVSS 6.5covered by 1 sourcefirst seen 2026-06-25
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage (stored injection), lib/html_reports.php at line 283 stores $save['format_file'] = $post['format_file'] directly into the database without any validation. In the second stage (file read), lib/reports.php at line 667 concatenates CACTI_PATH_FORMATS . '/' . $format_file, and line 670 then calls file($format_file), reading arbitrary files from the filesystem. This issue has been fixed in version 1.2.31.

⚡ Watch CVE-2026-40084

Get an email if CVE-2026-40084 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-40084

CVE.org record

Embed the live status

CVE-2026-40084 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-40084 status](https://www.csirts.com/badge/CVE-2026-40084)](https://www.csirts.com/cve/CVE-2026-40084)