CVE-2026-1330: Arbitrary File Read vulnerability in MeetingHub developed by HAMASTAR Technology

This high-severity vulnerability in MeetingHub allows an unauthenticated attacker to read arbitrary files from the server. This can expose sensitive configuration files, user data, or other critical system information.

Consider a public-facing bulletin board where, by leaving a specific "note" (malicious input), you can trick the system into displaying confidential office documents hidden in a backroom. This vulnerability operates similarly by allowing an attacker to craft a request that bypasses access controls, forcing the server to reveal the content of any file it can access, even those meant to be private.