Opds Talon
CVE-2026-26096
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
AnalysisAI
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Technical ContextAI
This vulnerability (CWE-732: Incorrect Permission Assignment for Critical Resource) affects Opds-Talon. Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.
RemediationAI
Monitor vendor advisories for a patch.
More in Opds Talon
View allCommand injection in Owl OPDS 2.2.0.4. EPSS 0.29%.
Command injection in Owl OPDS 2.2.0.4 — duplicate of CVE-2026-26093.
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 7.8).
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 7.8).
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Owl OPDS 2.2.0.4 contains an uncontrolled search path vulnerability that allows local authenticated attackers to manipul
Opds Talon 2.2.0.4 contains an uncontrolled search path vulnerability that allows local authenticated attackers to manip
Opds Talon 2.2.0.4 contains an uncontrolled search path vulnerability that allows local attackers with user privileges t
Opds-Talon versions up to 2.2.0.4 is affected by incorrect permission assignment for critical resource (CVSS 5.5).
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today