CVE-2026-31309

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/07/2026
Last modified:
08/07/2026

Description

Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request.

Impact