Vulnerability Details CVE-2026-0963
An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.1%
CVSS Severity
CVSS v3 Score 9.9
Products affected by CVE-2026-0963
-
cpe:2.3:a:craftycontrol:crafty_controller:4.7.0