CVE-2026-9371 | ItzCrazyKns Vane up to 1.12.1 API route.ts missing authentication (1122/1123)

May 23, 2026 Yanac

A vulnerability has been found in ItzCrazyKns Vane up to 1.12.1 and classified as problematic. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to missing authentication.

This vulnerability is listed as CVE-2026-9371. The attack may be initiated remotely. In addition, an exploit is available.

It is recommended to apply restrictive firewalling.

It appears that basic authentication is planned.VulDB Recent EntriesRead More