CVE-2026-1114 | parisneo lollms up to 2.1.x JSON Web Token access control

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability was found in parisneo lollms up to 2.1.x. It has been classified as critical. Affected is an unknown function of the component JSON Web Token Handler. This manipulation causes improper access controls.

This vulnerability is tracked as CVE-2026-1114. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-1114 | parisneo lollms up to 2.1.x JSON Web Token access control

Post correlati

CVE-2025-5010 | moonlightL hexo-boot 4.3.0 Blog Backend /admin/home/index.html Description cross site scripting

CVE-2025-37122 | HPE Aruba Networking ClearPass Policy Manager up to 6.11.12/6.12.5 Web-based Management Interface cross site scripting

CVE-2025-9871 | Razer Synapse 3 Chrome Connect link following

CVE-2023-54228 | Linux Kernel up to 6.5.3 raa215300 clk_register_clkdev allocation of resources