CyberRota
← Ana sayfaya dön

CVE-2026-49230

CRITICAL · CVSS 9.1 EPSS %0.22

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-19T14:16:23.427 · Çekilme zamanı: 2026-06-30T12:26:51.858756+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-49230
Severity
CRITICAL
CVSS
9.1
EPSS
%0.22
Apache

Orijinal NVD Açıklaması

Improper Validation of Integrity Check Value vulnerability in Apache APISIX. The jwe-decrypt plugin under default configuration is vulnerable to authentication bypass.  This issue affects Apache APISIX: from 3.8.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the issue.