TheHackerWire

🔴 CVE-2026-1114 - Critical (9.8)

In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens (JWT). This vulnerability allows an attacker to perform an offline brut...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1114/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Apr 7 at 8:00amCVE Bot