CVE-2026-22104
Hashtopolis server web-interface chunk activity component has an improper access control vulnerability in versions prior to 0.14.8, allowing any created account to read all cracked hashes for a Hashtopolis server instance. Root cause: insufficient access restrictions on the chunk activity UI/back...