10 matches found
CVE-2026-25505
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
CVE-2026-25505
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
CVE-2026-25505
CVE-2026-25505 affects Bambuddy (self-hosted print archive/management for Bambu Lab printers). Root cause: hardcoded secret key used to sign JWTs and many API endpoints do not require authentication, enabling unauthorized access. Impact in the documented disclosures is high (unauthorized admin-li...
CVE-2026-25505
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
CVE-2026-25505 Bambuddy Uses Hardcoded Secret Key + Many API Endpoints do not Require Authentication
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
EUVD-2026-5350
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
CVE-2026-25505 Bambuddy Uses Hardcoded Secret Key + Many API Endpoints do not Require Authentication
Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7...
Bambuddy 安全漏洞
Bambuddy is a self-hosted printing management system for 3D printers developed by MartinNYHC’s individual developer. Versions of Bambuddy prior to 0.1.7 contained security vulnerabilities. These vulnerabilities stemmed from hard-coded keys and the lack of authentication checks on ManyAPI routes,...
PT-2026-6298
Name of the Vulnerable Software and Affected Versions Bambuddy versions prior to 0.1.7 Description Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Versions before 0.1.7 include a hardcoded secret key used for signing JSON Web Tokens JWTs. Multiple API rout...
PT-2026-6421
Summary 1. A hardcoded secret key used for signing JWTs is checked into source code 2. ManyAPI routes do not check authentication Details I am using the publicly available docker image at ghcr.io/maziggy/bambuddy 1. Hardcoded JWT Secret Key...