arcane — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in arcane, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-40242	Arcane Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint CWE-918	7.2	High	2026-04-10
CVE-2026-23944	Arcane allows unauthenticated proxy access to remote environments CWE-306	8.6^AI	High^AI	2026-01-19
CVE-2026-23520	Arcane has a Command Injection in Arcane Updater Lifecycle Labels Enables RCE CWE-78	9.1	Critical	2026-01-15
CVE-2025-69031	WordPress Arcane theme <= 3.6.6 - Broken Access Control vulnerability CWE-862	5.3	Medium	2025-12-30

All 4 known CVE vulnerabilities affecting arcane with full Chinese analysis, references, and POCs where available.