Unauthenticated API Key Exposure in Vane /api/config Endpoint (CVE-2024-XXXX)

github.com 2026-05-24English translation pending; showing Chinese查看中文 →

Security AdvisoryCVE-2024-XXXXHighItzCrazyKns/Vane

Affected:

Vane 1.12.1

Referenced CVEs: CVE-2026-9371 · 5.6

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

TOTOLINK A8000RU Router cstecgi.cgi Command Injection Vulnerability with PoC 2026-05-25 TOTOLINK A8000RU cstecgi.cgi Command Injection Vulnerability and PoC 2026-05-25 TOTOLINK A8000RU Router Command Injection via cstecgi.cgi 2026-05-25 TOTOLINK A8000RU Router cstecgi.cgi Remote Code Execution Vulnerability with PoC 2026-05-25 TOTOLINK A8000RU Router Command Injection Vulnerability with PoC 2026-05-25

Offline Archive

Offline screenshot & PDF are Pro-exclusive