CVE-2026-1194

MEDIUM5.3EPSS 0.07%

MineAdmin May Expose Sensitive Information to an Unauthorized Actor

發布日:2026/1/20修改日:2026/2/5

描述

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

受影響套件(1)

Packagist/mineadmin/mineadmin>= 1.0.0, <= 2.0.3

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 4.0	—	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

參考連結(6)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-1194
PATCHhttps://github.com/mineadmin/MineAdmin
WEBhttps://github.com/SourByte05/MineAdmin-Vulnerability/issues/5
WEBhttps://vuldb.com/?ctiid.341779
WEBhttps://vuldb.com/?id.341779
WEBhttps://vuldb.com/?submit.734271