CNNVD-202601-1815 Information
CNNVD ID
CNNVD-202601-1815
Related CVE
- CNNVD Published: 2026-01-12
Description (Chinese)
Lychee是The Lychee Organisation开源的一个漂亮且易于使用的照片管理系统。用于管理和共享照片。 Lychee 7.1.0之前版本存在安全漏洞,该漏洞源于相册密码解锁功能存在授权漏洞,可能导致用户未经授权访问其他用户的密码保护相册。
Description (English)
Lychee is a beautiful and easy-to-use photo management system for the Lychee Organization. Used to manage and share photographs. There was a security loophole in the pre-Lychee 7.1.0 version, which resulted from an authorized loophole in the album password unlocking function, which could lead to unauthorized access to password-protected albums by other users.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
The Lychee Organisation
Published
2026-01-12
Last Modified
2026-02-24
References
https://github.com/LycheeOrg/Lychee/commit/f021a29f9ab2bafa81d9f5e32ff5bc89915c7d41 https://github.com/LycheeOrg/Lychee/security/advisories/GHSA-jj56-2c54-4f25 https://access.redhat.com/security/cve/cve-2026-22784
Patch
https://github.com/LycheeOrg/Lychee/releases
Share on: