CVE-2026-3839

Name of the Vulnerable Software and Affected Versions Unraid (affected versions not specified)

Description A path traversal authentication bypass issue exists in Unraid’s authentication request process. This allows remote attackers to bypass authentication on affected systems without needing to authenticate. The flaw is located in the auth-request.php file and is due to insufficient validation of a user-supplied path before it is used during authentication. An attacker can exploit this to bypass authentication on the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.