CVE-2026-41646 | ProjectDiscovery Nuclei up to 3.7.x JavaScript Protocol Runtime require access control

A vulnerability was found in ProjectDiscovery Nuclei up to 3.7.x. It has been declared as critical. Impacted is the function require of the component JavaScript Protocol Runtime. The manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2026-41646. The attack must be initiated from a local position. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More