CVE-2026-14687

Source
https://cve.org/CVERecord?id=CVE-2026-14687
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-14687.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-14687
Published
2026-07-05T00:30:09.629Z
Modified
2026-07-15T01:48:54.083427986Z
Severity
  • 5.5 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
666ghj BettaFish InsightEngine search-result Deduplication agent.py _deduplicate_results partial string comparison
Details

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.

Database specific
{
    "cwe_ids": [
        "CWE-187",
        "CWE-697"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/14xxx/CVE-2026-14687.json",
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/666ghj/bettafish

Affected ranges

Type
GIT
Repo
https://github.com/666ghj/bettafish
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "1.2.0"
        },
        {
            "last_affected": "1.2.0"
        },
        {
            "introduced": "1.2.1"
        },
        {
            "last_affected": "1.2.1"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

1.*
1.2.0
1.2.1
v1.*
v1.2.0
v1.2.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-14687.json"