A vulnerability was found in Easy Chat Server 3.1 . It has been declared as critical . Impacted is an unknown function. The manipulation of the argument Username results in path traversal. This vulnerability was named CVE-2026-36227 . The attack may be performed from remote. There is no available exploit.