Skip to main content

Ubuntu Linux CVE-2026-58251

| EUVDEUVD-2026-42369 MEDIUM
Improper Authorization (CWE-285)
2026-07-06 vendor:ubuntu
6.5
CVSS 3.1 · Vendor: vendor:ubuntu
Share

Severity by source

Vendor (vendor:ubuntu) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from Vendor (vendor:ubuntu) · only source for this CVE.

CVSS VectorVendor: vendor:ubuntu

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Patch available
Jul 08, 2026 - 21:04 EUVD
CVSS changed
Jul 08, 2026 - 20:22 NVD
6.5 (MEDIUM)
Analysis Generated
Jul 06, 2026 - 20:17 vuln.today

DescriptionCVE.org

[Unknown description]

AnalysisAI

CVE-2026-58251 has been reported by Ubuntu with no description, CVSS score, CWE classification, or technical details available at time of analysis. The affected component, attack vector, and impact are entirely unknown. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Unknown
Exploit
Unknown
Impact
Unknown

Vulnerability AssessmentAI

Exploitation Exploitation conditions are entirely unknown - no description, CVSS vector, or technical detail is available to identify required configuration, authentication level, network access, or enabling features. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Risk cannot be assessed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario No exploit scenario can be constructed. The attack surface, vector, and impact are entirely unknown due to the absence of a CVE description, CVSS vector, and any technical intelligence. …
Remediation No remediation guidance is possible at this time. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2021-3127 HIGH POC
7.5 Mar 16

NATS Server 2.x before 2.2.0 and JWT library before 2.0.1 have Incorrect Access Control because Import Token bindings ar

CVE-2020-26892 CRITICAL
9.8 Nov 06

The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are han

CVE-2020-28466 HIGH
7.5 Mar 07

This affects all versions of package github.com/nats-io/nats-server/server. Rated high severity (CVSS 7.5), this vulnera

CVE-2022-24450 HIGH
8.8 Feb 08

NATS nats-server before 2.7.2 has Incorrect Access Control. Rated high severity (CVSS 8.8), this vulnerability is remote

CVE-2026-58253 HIGH
8.8 Jul 06

Authentication bypass in NATS Server (nats-io/nats-server) lets an unauthenticated attacker on an adjacent network conne

CVE-2026-58250 HIGH
7.5 Jul 06

Remote denial of service in the NATS Server (nats-io/nats-server) leafnode subsystem allows unauthenticated attackers to

CVE-2026-58210 HIGH
7.5 Jul 06

Denial of service in NATS Server (nats-server) MQTT handler allows a remote, unauthenticated client to exhaust server me

CVE-2019-13126 HIGH
7.5 Jul 29

An integer overflow in NATS Server before 2.0.2 allows a remote attacker to crash the server by sending a crafted reques

CVE-2026-58208 HIGH
7.5 Jul 06

Remote denial-of-service in NATS Server (nats-server) affects deployments with the WebSocket listener enabled but MQTT d

CVE-2023-46129 HIGH
7.5 Oct 31

NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise,

CVE-2020-26521 HIGH
7.5 Nov 06

The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). Rated high s

CVE-2026-58213 HIGH
7.1 Jul 06

Protocol injection in NATS Server MQTT support allows an authenticated MQTT client to smuggle control characters (tab, n

Share

CVE-2026-58251 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy