CNNVD-202601-1983 Information

CNNVD ID

CNNVD-202601-1983

Related CVE

CVE-2026-22814

• CNNVD Published: 2026-01-13

Description (Chinese)

@adonisjs/lucid是AdonisJS Framework开源的一个数据库对象关系映射库。 @adonisjs/lucid 21.8.2之前版本和22.0.0-next.6之前版本存在安全漏洞，该漏洞源于存在批量分配漏洞，可能导致逻辑绕过和未经授权的记录修改。

Description (English)

@adonisjs/lucid is an open-source database of AdonisJS Framework. @adonisjs/lucid 21.8.2 and 22.0.0-next.6 had a security loophole, which stemmed from a mass distribution gap that could lead to logical circumvention and unauthorized record-keeping modifications.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

AdonisJS Framework

Published

2026-01-13

Last Modified

2026-02-24

References

https://github.com/adonisjs/lucid/security/advisories/GHSA-g5gc-h5hp-555f https://access.redhat.com/security/cve/cve-2026-22814

Patch

https://github.com/adonisjs/lucid/releases