LinkAce CVE-2026-45344
Severity: HIGH
CVSS Vector (NVD): CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Description (NVD)
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup endpoints and supply a database they control can inject mail configuration variables and achieve command execution when the application later sends mail. This vulnerability is fixed in 2.5.6.
Analysis (AI)
Remote code execution in LinkAce self-hosted link archive versions prior to 2.5.6 allows unauthenticated remote attackers to inject arbitrary mail configuration variables into the application's .env file via the initial setup database configuration flow, leading to command execution when the application subsequently sends mail. The flaw, classified as CWE-74 injection, affects instances that have not yet completed the setup wizard and carries a CVSS 8.1 (High). …
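To make the defect class concrete (credential fields written into .env without escaping, so a value can turn into additional variables), here is an added example, not LinkAce's own code: a Python serializer that restricts keys and quotes values, shown beside the unsafe pattern, with a small constructed dotenv reader to compare how many variables each form yields. The allowed-key list and the double-quoted escaping dialect are assumptions for illustration.

```python
import re
from typing import Dict

# Keys a setup wizard is permitted to write. Illustrative assumption, not
# LinkAce's actual list; the point is that mail-related keys are not in it.
ALLOWED_KEYS = {"DB_CONNECTION", "DB_HOST", "DB_PORT",
                "DB_DATABASE", "DB_USERNAME", "DB_PASSWORD"}
_KEY_RE = re.compile(r"^[A-Z][A-Z0-9_]*$")


def vulnerable_env_line(key: str, value: str) -> str:
    """Unsafe pattern: raw interpolation. A newline inside the value becomes
    a second line, i.e. a new variable, the next time the file is parsed."""
    return f"{key}={value}\n"


def safe_env_line(key: str, value: str) -> str:
    """Serialize one entry so the value can never add lines or keys.
    Assumes a dotenv dialect accepting double-quoted values with
    backslash-escaped backslashes and double quotes."""
    if key not in ALLOWED_KEYS or not _KEY_RE.match(key):
        raise ValueError(f"refusing to write key {key!r}")
    if any(ch in value for ch in "\r\n\0"):
        raise ValueError("value contains line-breaking or NUL characters")
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')
    return f'{key}="{escaped}"\n'


def env_write_rejects(key: str, value: str) -> bool:
    """True when the safe writer refuses the pair (handy for assertions)."""
    try:
        safe_env_line(key, value)
    except ValueError:
        return True
    return False


def parse_env(text: str) -> Dict[str, str]:
    """Minimal dotenv reader, constructed for this example, that understands
    bare and double-quoted values; used only to count resulting variables."""
    result: Dict[str, str] = {}
    for line in text.splitlines():
        if not line or line.startswith("#") or "=" not in line:
            continue
        k, v = line.split("=", 1)
        if len(v) >= 2 and v[0] == v[-1] == '"':
            v = re.sub(r'\\(["\\])', r"\1", v[1:-1])
        result[k.strip()] = v
    return result
```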
Remediation (AI)
Within 24 hours: Audit all LinkAce deployments to identify running versions and setup completion status; restrict network access to instances with incomplete setup. Within 7 days: Upgrade all LinkAce instances to version 2.5.6 or later and complete the setup wizard. …