CVE-2026-39386 | m1k1o neko up to 3.0.10/3.1.1 /api/profile access control (GHSA-2gw9-c2r2-f5qf)

A vulnerability was found in m1k1o neko up to 3.0.10/3.1.1 and classified as critical. Affected is an unknown function of the file /api/profile. Executing a manipulation can lead to improper access controls.

This vulnerability is registered as CVE-2026-39386. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More