Medium severity5.5OSV Advisory· Published May 15, 2024· Updated Jun 17, 2026
CVE-2024-35184
CVE-2024-35184
Description
Paperless-ngx is a document management system that transforms physical documents into a searchable online archive. Starting in version 2.5.0 and prior to version 2.8.6, remote user authentication allows API access even if API access is explicitly disabled. Version 2.8.6 contains a patchc for the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
20.3.0, 0.3.1, 0.3.3, …+ 1 more
- (no CPE)range: 0.3.0, 0.3.1, 0.3.3, …
- (no CPE)range: >=2.5.0,<2.8.6
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.