5 matches found
EUVD-2026-39806
Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, or ; - can break out of the Docker container and...
CVE-2026-49396 Nezha Monitoring: Cross-site GET request can trigger stored cron commands on a victim's agents
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before version 2.0.14, cross-site GET request can trigger stored cron commands on a victim's agents. This issue has been patched in version 2.0.14...
CVE-2026-49396
CVE-2026-49396 affects Nezha Monitoring (versions 1.0.0 up to before 2.0.14). A cross-site GET request can trigger stored cron commands on a victim’s agents, enabling an attacker to force execution of an existing cron task via the victim’s authenticated session. The issue has been patched in vers...
CVE-2026-49396 Nezha Monitoring: Cross-site GET request can trigger stored cron commands on a victim's agents
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before version 2.0.14, cross-site GET request can trigger stored cron commands on a victim's agents. This issue has been patched in version 2.0.14...
GHSA-8QHJ-4F8C-J8QG Nezha has cross-site GET request that can trigger stored cron commands on a victim's agents
Summary The dashboard exposes the cron manual-trigger action as an authenticated GET /api/v1/cron/:id/manual endpoint. Dashboard JWTs are sent in the nz-jwt cookie and configured with SameSite=Lax, which browsers include on top-level cross-site GET navigations. Because this state-changing GET...