Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Kavita Pre-Auth Account Takeover via JWT Validation Failure (CVE-2026-47202)

github.com 2026-05-27查看中文 →
Security AdvisoryGHSA-m2v3-fqjh-hm22CriticalKareadita/Kavita
Affected:
  • Kavita <= 0.9.0
Fixed in:
  • 0.9.2
Referenced CVEs: CVE-2026-47202
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.
More from this source
Budibase Public API Role Unassignment Cache Invalidation Bypass 2026-05-28 CVE-2024-42553: Cinny Access Token Disclosure via Malicious Emoji Pack 2026-05-28 Budibase SSRF Vulnerability: Plugin URL Upload .tar.gz Substring Bypass and Blacklist Bypass 2026-05-28 Unauthenticated Arbitrary File Write in Dalfox Server Mode 2026-05-28 Budibase SSRF Bypass in REST Datasource via HTTP Redirect (PoC) 2026-05-28
Offline Archive

Offline screenshot & PDF are Pro-exclusive

Upgrade to Pro