CVE-2026-1195

Name of the Vulnerable Software and Affected Versions MineAdmin versions 1.x and 2.x

Description A weakness exists due to insufficient verification of data authenticity within the JWT Token Handler component. This issue affects the refresh function of the /system/refresh file. The attack can be initiated remotely and is considered to have high complexity, though exploitability is difficult. The exploit has been publicly released. The vendor was notified but did not respond.

Recommendations Versions prior to 1.x and 2.x should be updated. As a temporary workaround, consider disabling the refresh function until a patch is available. Restrict access to the /system/refresh file to minimize the risk of exploitation.