CVE-2026-30117
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
May 19, 2026
Vendor
unknown
Description
scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalar_url query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execute arbitrary code via uploading a crafted SVG file.