CNNVD-202601-4847 Information

CNNVD ID

CNNVD-202601-4847

Related CVE

CVE-2026-25126

• CNNVD Published: 2026-01-29

Description (Chinese)

PolarLearn是PolarNL开源的一个在线学习平台。 PolarLearn 0-PRERELEASE-15之前版本存在输入验证错误漏洞，该漏洞源于缺少运行时验证，可能导致绕过预期的业务逻辑。

Description (English)

PolarLearn is an online learning platform for PolarNL Open Source. Prior to the PolarLearn 0-PRRELEEASE-15 version, there was an input validation error gap, which stemmed from a lack of running-time validation and could lead to circumventing the expected business logic.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

PolarNL

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/polarnl/PolarLearn/security/advisories/GHSA-ghpx-5w2p-p3qp https://github.com/polarnl/PolarLearn/commit/e6227d94d0e53e854f6a46480db8cd1051184d41 https://access.redhat.com/security/cve/cve-2026-25126

Patch

https://github.com/polarnl/PolarLearn