Skip to main content

cve-search CVE-2026-59509

| EUVDEUVD-2026-41753 CRITICAL
Improper Input Validation (CWE-20)
2026-07-05 CIRCL GHSA-3fmp-59v6-4qw2
9.2
CVSS 4.0 · Vendor: CIRCL
Share

Severity by source

Vendor (CIRCL) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.6 HIGH

Remote unauthenticated read with no interaction (AV:N/AC:L/PR:N/UI:N); reading a separate credential store beyond the app's own data justifies S:C with C:H and no integrity or availability impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Primary rating from Vendor (CIRCL).

CVSS VectorVendor: CIRCL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 05, 2026 - 13:02 vuln.today

DescriptionCVE.org

An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections. This can expose administrative usernames and password hashes from the mgmt_users collection, enabling offline password cracking and potential administrative account compromise.

AnalysisAI

Arbitrary MongoDB collection disclosure in cve-search allows a remote, unauthenticated attacker to read any application database collection through the POST /fetch_cve_data endpoint by manipulating the collection name, projected fields, and regex filter parameters. Attackers can dump the mgmt_users collection to harvest administrative usernames and password hashes for offline cracking. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach exposed cve-search endpoint
Delivery
Craft POST /fetch_cve_data with collection=mgmt_users
Exploit
Inject field projection and regex filters
Execution
Read admin usernames and password hashes
Persist
Crack hashes offline
Impact
Authenticate as administrator

Vulnerability AssessmentAI

Exploitation Exploitation requires network reachability to a running cve-search instance and the ability to send requests to the POST /fetch_cve_data endpoint; per the CVSS vector (PR:N/UI:N/AC:L/AT:N) no authentication, user interaction, or special preconditions are needed against a default deployment. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals are consistent and point to a genuine priority for anyone running cve-search. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach a cve-search instance sends a crafted POST to /fetch_cve_data that sets the target collection to mgmt_users and projects the username and password-hash fields, receiving the administrative credential records in the response. They then crack the hashes offline and log in as an administrator. …
Remediation Apply the upstream fix from pull request https://github.com/cve-search/cve-search/pull/1218 by updating to the patched cve-search build (an exact release version is not enumerated in the input, so pull the fixed commit/latest release from the project). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Apply vendor patch for CVE-2026-59509 or take cve-search offline. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-59509 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy