A vulnerability was found in fccview jotty up to 1.21.x . It has been classified as critical . The affected element is an unknown function of the file /api/app-icons/ . The manipulation of the argument filename leads to path traversal. This vulnerability is referenced as CVE-2026-42564 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.