CVE-2026-22096

Severity CVSS v4.0:
CRITICAL
Type:
CWE-306 Missing Authentication for Critical Function
Publication date:
13/07/2026
Last modified:
13/07/2026

Description

The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints.

References to Advisories, Solutions, and Tools