CVE-2026-2215

A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used.

CVSS v3 3.7 LOW
CVSS v2.0 2.6 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

2.6^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:H/Au:N/C:P/I:N/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://vuldb.com/?ctiid.344932
https://vuldb.com/?id.344932
https://vuldb.com/?submit.752756
https://www.notion.so/WeRSS-Weak-JWT-Key-Leading-to-Authentication-Bypass-2feea92a3c41803faadae58327facd7b

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad fue detectada en rachelos WeRSS we-mp-rss hasta la versión 1.4.8. Este problema afecta a un procesamiento desconocido del archivo core/auth.py del componente JWT Handler. Realizar una manipulación del argumento SECRET_KEY resulta en el uso de una clave criptográfica predeterminada. El ataque puede iniciarse de forma remota. El ataque se considera de alta complejidad. La explotabilidad se evalúa como difícil. El exploit ahora es público y puede ser utilizado.

09 Feb 2026, 05:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-09 05:16

Updated : 2026-04-29 01:00

NVD link : CVE-2026-2215

Mitre link : CVE-2026-2215

CVE.ORG link : CVE-2026-2215

JSON object : View

Products Affected

No product.

CWE

CWE-1394

Use of Default Cryptographic Key

{"id": "CVE-2026-2215", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.9, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-09T05:16:25.100", "references": [{"url": "https://vuldb.com/?ctiid.344932", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.344932", "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?submit.752756", "source": "cna@vuldb.com"}, {"url": "https://www.notion.so/WeRSS-Weak-JWT-Key-Leading-to-Authentication-Bypass-2feea92a3c41803faadae58327facd7b", "source": "cna@vuldb.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-1394"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of the argument SECRET_KEY results in use of default cryptographic key. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit is now public and may be used."}, {"lang": "es", "value": "Una vulnerabilidad fue detectada en rachelos WeRSS we-mp-rss hasta la versi\u00f3n 1.4.8. Este problema afecta a un procesamiento desconocido del archivo core/auth.py del componente JWT Handler. Realizar una manipulaci\u00f3n del argumento SECRET_KEY resulta en el uso de una clave criptogr\u00e1fica predeterminada. El ataque puede iniciarse de forma remota. El ataque se considera de alta complejidad. La explotabilidad se eval\u00faa como dif\u00edcil. El exploit ahora es p\u00fablico y puede ser utilizado."}], "lastModified": "2026-04-29T01:00:01.613", "sourceIdentifier": "cna@vuldb.com"}