Skip to main content

Mysti

1 CVEs product

Monthly

CVE-2026-14611 MEDIUM PATCH This Month

Information disclosure in DeepMyst Mysti's Per-Project Auto-Memory Handler allows low-privileged remote attackers to expose resources by supplying a manipulated workspacePath argument to the initProjectMemory function in src/managers/MemoryManager.ts. EUVD-2026-41610 confirms versions 0.1 through 0.4.0 are affected. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis; the CVSS 4.0 score of 5.3 reflects a limited, confidentiality-only impact with no integrity or availability consequences.

Information Disclosure Mysti
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.3%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Information disclosure in DeepMyst Mysti's Per-Project Auto-Memory Handler allows low-privileged remote attackers to expose resources by supplying a manipulated workspacePath argument to the initProjectMemory function in src/managers/MemoryManager.ts. EUVD-2026-41610 confirms versions 0.1 through 0.4.0 are affected. No active exploitation (CISA KEV) or public exploit code has been identified at time of analysis; the CVSS 4.0 score of 5.3 reflects a limited, confidentiality-only impact with no integrity or availability consequences.

Information Disclosure Mysti
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy