EUVD-2026-34863

🗓️ 05 Jun 2026 16:57:52Reported by EUVDType

TinyIce fixes unauthenticated ingest and admin golive via auth, bcrypt, rate limit, and disabled mounts.

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2026-45327	5 Jun 202616:57	–	attackerkb
Circl	CVE-2026-45327	5 Jun 202619:22	–	circl
CNNVD	TinyIce 访问控制错误漏洞	5 Jun 202600:00	–	cnnvd
CVE	CVE-2026-45327	5 Jun 202616:57	–	cve
Cvelist	CVE-2026-45327 TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection	5 Jun 202616:57	–	cvelist
Github Security Blog	TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection	18 May 202617:20	–	github
GitLab Advisory Database	TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection	18 May 202600:00	–	gitlab
NVD	CVE-2026-45327	5 Jun 202618:17	–	nvd
OSV	GHSA-P7C4-8X34-8J8F TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection	18 May 202617:20	–	osv
OSV	GO-2026-5534 TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection in github.com/DatanoiseTV/tinyice	25 Jun 202622:34	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "d30c44c9-60dd-3443-8534-b036e43c4f36",
        "vendor": {
          "name": "DatanoiseTV"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "36c852e4-6615-3958-b8d3-5c3d38899252",
        "product": {
          "name": "tinyice",
          "vendor": {
            "name": "DatanoiseTV"
          }
        },
        "product_version": "0.8.95, < 2.5.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/DatanoiseTV/tinyice/security/advisories/GHSA-p7c4-8x34-8j8f
github	www.github.com/DatanoiseTV/tinyice/commit/8067d6b
github	www.github.com/DatanoiseTV/tinyice/releases/tag/v2.5.0

05 Jun 2026 19:07Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.18.2

EPSS0.00357

SSVC