VYPR

Go modules package

github.com/autobrr/qui

pkg:golang/github.com/autobrr/qui

Vulnerabilities (1)

  • CVE-2026-30924CriMar 19, 2026
    affected < 1.15.0fixed 1.15.0

    qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests