CVE-2026-7714 | crocodilestick Calibre-Web-Automated up to 4.0.6 Admin Endpoint cps/cwa_functions.py missing authentication (Issue 1304)

A vulnerability marked as critical has been reported in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication.

The identification of this vulnerability is CVE-2026-7714. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The project was informed of the problem early through a pull request but has not reacted yet.VulDB Recent EntriesRead More