CNNVD-202602-2188 Information

CNNVD ID

CNNVD-202602-2188

Related CVE

CVE-2026-26273

• CNNVD Published: 2026-02-13

Description (Chinese)

Known是美国Known开源的一个社交发布平台。 Known 1.6.3之前版本存在授权问题漏洞，该漏洞源于在密码重置页面的隐藏HTML输入字段中泄露密码重置令牌，可能导致账户接管。

Description (English)

Known is a social distribution platform for Known Opens in the United States. The previous version of Known 1.6.3 had a bug in authorization, which originated from the leaking of password resetting tokens in the hidden HTML input field on the password reshuffle page, which could lead to the account taking over.

Vulnerability Type

授权问题

Affected Vendor

Known

Published

2026-02-13

Last Modified

2026-02-24

References

https://github.com/idno/known/commit/8439a0747471559fb1ea9f074b929d390f27e66a https://github.com/idno/known/releases/tag/1.6.3 https://github.com/idno/known/security/advisories/GHSA-78wq-6gcv-w28r

Patch

https://github.com/idno/known/releases