CyberRota
← Ana sayfaya dön

CVE-2026-50628

CRITICAL · CVSS 9.8 EPSS %0.60

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-12T10:16:22.710 · Çekilme zamanı: 2026-06-30T12:18:00.823653+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-50628
Severity
CRITICAL
CVSS
9.8
EPSS
%0.60

Orijinal NVD Açıklaması

A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this security feature inadvertently creates an inverse security check. Users are recommended to upgrade to versions 4.2.2 or 4.1.7, which fixes this issue.