CVE-2026-24124 | dragonflyoss dragonfly up to 2.4.0 Job API Endpoint /api/v1/jobs missing authentication (GHSA-j8hf-cp34-g4j7)

Inserito da Angelo Barbosa | Gen 23, 2026 | CVE

A vulnerability categorized as critical has been discovered in dragonflyoss dragonfly up to 2.4.0. Impacted is an unknown function of the file /api/v1/jobs of the component Job API Endpoint. Executing a manipulation can lead to missing authentication.

This vulnerability is registered as CVE-2026-24124. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-24124 | dragonflyoss dragonfly up to 2.4.0 Job API Endpoint /api/v1/jobs missing authentication (GHSA-j8hf-cp34-g4j7)

Post correlati

CVE-2025-49008 | Atheos up to 6.0.3 execute.php escapeshellcmd os command injection (GHSA-rwc2-4q8c-xj48)

CVE-2024-11439 | ScanCircle Plugin up to 2.9.2 on WordPress cross site scripting

CVE-2024-58003 | Linux Kernel up to 6.6.77/6.12.13/6.13.2 fwnode_handle_put denial of service

CVE-2024-2763 | Tenda AC10U 15.03.06.48 goform/setcfm formSetCfm funcpara1 stack-based overflow