CNNVD-202601-4578 Information

CNNVD ID

CNNVD-202601-4578

Related CVE

CVE-2026-24824

• CNNVD Published: 2026-01-27

Description (Chinese)

YaCy是YaCy Search Engine开源的一个分布式网络搜索引擎。 YaCy存在安全漏洞，该漏洞源于程序文件YaCyDefaultServlet.Java存在Web页面生成期间输入中和不当，可能导致跨站脚本攻击。

Description (English)

YaCy is a distributed web search engine for YaCy Saarch Engineering. There is a security loophole in YaCy, which stems from the fact that the program document YaCyDefaultServlet.Java was inappropriately entered during the web page generation, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

YaCy Search Engine

Published

2026-01-27

Last Modified

2026-02-24

References

https://github.com/yacy/yacy_search_server/pull/722 https://access.redhat.com/security/cve/cve-2026-24824