A vulnerability categorized as critical has been discovered in OpenKM Community Edition and Professional Edition up to 6.3.12 . This impacts an unknown function of the file /admin/Scripting of the component Administrative Scripting Interface . Such manipulation of the argument fsPath leads to path traversal. This vulnerability is referenced as CVE-2026-41917 . It is possible to launch the attack remotely. Furthermore, an exploit is available.