CVE-2026-25538 | devtron-labs devtron up to 2.0.0 Attributes API Interface authorization (GHSA-8wpc-j9q9-j5m2)

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability was found in devtron-labs devtron up to 2.0.0. It has been declared as critical. The impacted element is an unknown function of the component Attributes API Interface. The manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-25538. The attack can be executed remotely. There is not any exploit available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-25538 | devtron-labs devtron up to 2.0.0 Attributes API Interface authorization (GHSA-8wpc-j9q9-j5m2)

Post correlati

CVE-2024-35835 | Linux Kernel up to 6.7.2 mlx5e arfs_create_groups double free

CVE-2025-69612 | TMS Management Console 6.3.7.27386.20250818 Profile Dashboard filePath path traversal

CVE-2023-6985 | 10Web AI Assistant Plugin up to 1.0.18 on WordPress Plugin Installation authorization

CVE-2024-7151 | Tenda O3 1.0.0.10(2478) /goform/setMacFilter fromMacFilterSet remark stack-based overflow