CVE-2026-9053

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published May 22, 2026

Vendor unknown

Description

Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file path, and then conceal this form element.

References

https://git.9front.org/plan9front/9front/d145acc9ef0da47131af6ad94e87264e04870d47/commit.html