CVE Watchtower ← Back to CVE ListCVE-2026-36722NVDVulnerability SummaryAn authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file.Severity LevelUNKNOWNPublished DateJun 9, 2026Last ModifiedJun 9, 2026Exploitation Status????EPSS Score (30-Day)0.02%ProbabilityRoot Weakness (CWE)N/AExternal Referenceshttps://github.com/CC-T-454455/Vulnerabilities/tree/master/bookcars/vulnerability-16