Ecosystem	Package	Version

Vulnerabilities

CVE-2026-2604

CVE-2026-2604

evolution-data-server - External Control of File Name or Path

Published Feb 17, 2026

https://access.redhat.com/security/cve/cve-2026-2604 https://bugzilla.redhat.com/show_bug.cgi?id=2440301

CVSS ScoreMedium

6.9

Ecosystem	Package	Version


rpm	evolution-data-server	2.28.3-10.el6
rpm	evolution-data-server	2.28.3-15.el6
rpm	evolution-data-server	2.28.3-16.el6
rpm	evolution-data-server	2.32.3-18.el6
rpm	evolution-data-server	2.32.3-21.el6
rpm	evolution-data-server	2.32.3-23.el6
rpm	evolution-data-server	2.32.3-25.el6
rpm	evolution-data-server	3.12.11-24.el7
rpm	evolution-data-server	3.12.11-37.el7
rpm	evolution-data-server	3.22.7-6.el7
rpm	evolution-data-server	3.22.7-8.el7
rpm	evolution-data-server	3.28.5-1.el7
rpm	evolution-data-server	3.28.5-11.el8
rpm	evolution-data-server	3.28.5-13.el8
rpm	evolution-data-server	3.28.5-14.el8
rpm	evolution-data-server	3.28.5-15.el8
rpm	evolution-data-server	3.28.5-17.el8
rpm	evolution-data-server	3.28.5-19.el8
rpm	evolution-data-server	3.28.5-19.el8_6.1
rpm	evolution-data-server	3.28.5-20.el8
rpm	evolution-data-server	3.28.5-24.el8
rpm	evolution-data-server	3.28.5-3.el7
rpm	evolution-data-server	3.28.5-4.el7
rpm	evolution-data-server	3.28.5-5.el7
rpm	evolution-data-server	3.28.5-5.el7_9.1
rpm	evolution-data-server	3.28.5-9.el8
rpm	evolution-data-server	3.40.4-3.el9
rpm	evolution-data-server	3.40.4-3.el9_0.1
rpm	evolution-data-server	3.40.4-6.0.1.el9
rpm	evolution-data-server	3.40.4-6.el9
rpm	evolution-data-server	3.40.4-9.el9
rpm	evolution-data-server	3.52.4-1.el10
rpm	evolution-data-server	3.52.4-3.el10
rpm	evolution-data-server	3.8.5-23.el7
rpm	evolution-data-server	3.8.5-24.el7_0
rpm	evolution-data-server	3.8.5-34.el7

CVE-2026-2604 | Components Impacted | Sonatype Guide | Sonatype Guide