CVE-2026-28289
CVSS v3: 10 (CRITICAL)
EPSS Score: 22.3% (exploit probability)
CISA KEV: No (known exploited)
Exploitation: — (SSVC status)
Description
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution (RCE) on the server by uploading a malicious .htaccess file using a zero-width space character prefix to bypass the security check. The vulnerability exists in the sanitizeUploadedFileName() function in app/Http/Helper.php. The function contain
Technical Details
- CVSS v3 Vector: 3.1
- Published: 3/3/2026
- Last Modified: 3/11/2026
Frequently Asked Questions
Is CVE-2026-28289 actively exploited?
Active exploitation of CVE-2026-28289 has not been confirmed. The EPSS score is 22.3%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2026-28289?
CVE-2026-28289 has a CVSS v3 base score of 10 (CRITICAL severity), with vector string 3.1.