PT-2026-35224 · 666Ghj · Mirofish
Yu_Bao
·
Published
2026-04-26
·
Updated
2026-04-26
·
CVE-2026-7042
CVSS v3.1
7.3
High
| AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create app of the file backend/app/ init .py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Exploit
Missing Authentication
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mirofish