Medium severityNVD Advisory· Published Jan 14, 2026· Updated Apr 15, 2026
CVE-2026-0601
CVE-2026-0601
Description
A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <3.88.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.