CNNVD-202601-021 Information

CNNVD ID

CNNVD-202601-021

Related CVE

CVE-2025-66398

• CNNVD Published: 2026-01-01

Description (Chinese)

Signal K Server是Signal K开源的一个船用中央服务器。 Signal K Server 2.19.0之前版本存在安全漏洞，该漏洞源于未经验证的攻击者可污染服务器内部状态，可能导致账户接管和远程代码执行。

Description (English)

Signal K Server is a central shipping server for Signal K Open Source. The previous version of Signal K Server 2.19.0 had a security loophole, which stemmed from the unverifiable attacker ’ s contamination of the internal state of the server and could lead to account take-over and remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Signal K

Published

2026-01-01

Last Modified

2026-02-24

References

https://github.com/SignalK/signalk-server/releases/tag/v2.19.0 https://github.com/SignalK/signalk-server/security/advisories/GHSA-w3x5-7c4c-66p9

Patch

https://github.com/SignalK/signalk-server/releases