CVE-2026-40071 | pyLoad up to 0.5.0b3.dev96 WebUI JSON Endpoint /json/package_order authorization

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability was found in pyLoad up to 0.5.0b3.dev96. It has been classified as problematic. Affected is an unknown function of the file /json/package_order of the component WebUI JSON Endpoint. This manipulation causes incorrect authorization.

This vulnerability is handled as CVE-2026-40071. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-40071 | pyLoad up to 0.5.0b3.dev96 WebUI JSON Endpoint /json/package_order authorization

Post correlati

CVE-2025-64430 | parse-community parse-server up to 7.5.3/8.4.0-alpha.1 Parse.File uri server-side request forgery (GHSA-x4qj-2f4q-r4rx)

CVE-2024-40487 | Kashipara Live Membership System 1.0 /view_type.php membershipType cross site scripting

CVE-2024-28056 | Amazon AWS Amplify CLI up to 12.10.0 improper authentication

CVE-2024-8267 | Radio Player Plugin up to 2.0.78 on WordPress Attribute align cross site scripting