CNNVD-202601-1469 Information

CNNVD ID

CNNVD-202601-1469

Related CVE

CVE-2026-21885

• CNNVD Published: 2026-01-08

Description (Chinese)

Miniflux是Miniflux开源的一个极简主义的提要阅读器。 Miniflux 2 2.2.16之前版本存在安全漏洞，该漏洞源于媒体代理端点可被滥用，可能导致服务端请求伪造。

Description (English)

Miniflux is a very concise, short-cut reader of the Miniflux open source. There was a security loophole in the previous version of Miniflux 2 2.2.16, which stemmed from the misuse of media proxy endpoints, which could lead to the forgery of service-level requests.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Miniflux

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/miniflux/v2/security/advisories/GHSA-xwh2-742g-w3wp https://access.redhat.com/security/cve/cve-2026-21885

Patch

https://github.com/miniflux/v2/releases