CVE-2026-22683 | Windmill Community Edition/Enterprise Edition up to 1.614.0 Backend API raw_apps authorization

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability described as critical has been identified in Windmill Community Edition and Enterprise Edition up to 1.614.0. This affects the function raw_apps of the component Backend API. The manipulation results in missing authorization.

This vulnerability is identified as CVE-2026-22683. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-22683 | Windmill Community Edition/Enterprise Edition up to 1.614.0 Backend API raw_apps authorization

Post correlati

CVE-2024-36251 | Sharp/Toshiba Tec MFP HTTP Request billcodedef_sub_sel.html out-of-bounds

CVE-2025-23091 | Ubiquiti UDM up to 4.1 Application Update channel accessible

CVE-2025-53477 | Apache NimBLE 1.7.0/1.8.0 Host HCI Layer null pointer dereference

CVE-2024-13020 | code-projects Chat System 1.0 /admin/chatroom.php id sql injection