CVE-2026-50234

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published Jun 05, 2026

Vendor unknown

Description

Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory structure.

References

https://www.vulncheck.com/advisories/lyrion-music-server-path-traversal-file-read
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5992.php