CVE-2026-35175

Sažetak

Ajenti is a Linux and BSD modular server admin panel. Prior to 2.2.15, an authenticated user (using the auth_users plugin authentication method) could install a custom package even if this user is not superuser. This vulnerability is fixed in 2.2.15.

Reference

https://github.com/ajenti/ajenti/releases/tag/v2.2.15
https://github.com/ajenti/ajenti/security/advisories/GHSA-73jv-44c3-j5p2

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

07-04-2026 - 13:20

Objavljeno

06-04-2026 - 18:16