CVE-2026-33124 | blakeblackshear frigate up to 0.16.x Password Reset password improper authentication

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability was found in blakeblackshear frigate up to 0.16.x. It has been declared as critical. The affected element is an unknown function of the file /users/{username}/password of the component Password Reset Handler. The manipulation results in improper authentication.

This vulnerability is known as CVE-2026-33124. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2026-33124 | blakeblackshear frigate up to 0.16.x Password Reset password improper authentication

Post correlati

CVE-2025-66835 | TrueConf Client 8.5.2 wfapi.dll uncontrolled search path

CVE-2024-20738 | Adobe FrameMaker Publishing Server up to 2022 Update 1 improper authentication (apsb24-10)

CVE-2025-15167 | itsourcecode Online Cake Ordering System 1.0 /detailtransac.php ID sql injection

CVE-2025-6967 | Sarman CMS up to 10022026 Technology Service redirect