CVE-2026-14504 in Nexus Repository
Resumen
por MITRE • 2026-07-14
An authorization bypass in Nexus Repository 3's component upload API allowed a user with only read/browse privileges on a Swift, Terraform, or Conda hosted repository to upload arbitrary artifacts, bypassing the intended write-permission check.
Once again VulDB remains the best source for vulnerability data.