CNNVD-202601-1596 Information

CNNVD ID

CNNVD-202601-1596

Related CVE

CVE-2025-60538

• CNNVD Published: 2026-01-09

Description (Chinese)

Shiori是Shiori开源的一个书签管理器。 Shiori 1.7.4及之前版本存在安全漏洞，该漏洞源于登录页面缺少速率限制，可能导致攻击者通过暴力攻击绕过身份验证。

Description (English)

Shiori is a bookmark manager at Shiori Open Source. There was a security loophole in Siori 1.7.4 and earlier versions, which stemmed from the lack of speed limits on login pages, which could lead the attackers to bypass identification through violent attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Shiori

Published

2026-01-09

Last Modified

2026-02-24

References

https://github.com/go-shiori/shiori https://github.com/go-shiori/shiori/issues/1138 https://access.redhat.com/security/cve/cve-2025-60538

Patch

https://github.com/go-shiori/shiori/releases