Vulnerability Details CVE-2025-26352
A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive files via crafted HTTP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.3%
CVSS Severity
CVSS v3 Score 6.5