CNNVD-202602-2081 Information

CNNVD ID

CNNVD-202602-2081

Related CVE

CVE-2026-25768

• CNNVD Published: 2026-02-12

Description (Chinese)

lavinmq是CloudAMQP开源的一个消息队列和流媒体服务器。 lavinmq 2.6.6之前版本存在安全漏洞，该漏洞源于认证用户可访问不应访问的代理元数据。

Description (English)

Lavinmq is an open-source news queue and streaming media server for ClaudeAMQP. There was a security loophole in the previous version of lavinmq 2.6.6, which originated from the access of the authentication user to proxy metadata that should not be accessed.

Vulnerability Type

其他

Affected Vendor

CloudAMQP

Published

2026-02-12

Last Modified

2026-02-24

References

https://github.com/cloudamqp/lavinmq/commit/e871f8d0a53685f04e39e6410a2421c1f82803b0 https://github.com/cloudamqp/lavinmq/pull/1669 https://github.com/cloudamqp/lavinmq/security/advisories/GHSA-r2mh-8vq6-qf7m

Patch

https://github.com/cloudamqp/lavinmq/releases