Medium severity6.5NVD Advisory· Published May 4, 2026· Updated May 5, 2026
CVE-2026-7714
CVE-2026-7714
Description
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=4.0.6
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.