CVE-2026-47125 | getarcaneapp arcane up to 1.19.1 variables REGISTRY/IMAGE/DATABASE_URL/SECRET_KEY authorization (GHSA-jpjh-jm2p-39hh)

A vulnerability has been found in getarcaneapp arcane up to 1.19.1 and classified as critical. This impacts an unknown function of the file /api/environments/{id}/templates/variables. This manipulation of the argument REGISTRY/IMAGE/DATABASE_URL/SECRET_KEY causes missing authorization.

This vulnerability is handled as CVE-2026-47125. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More