CVE-2026-44775

Source
https://cve.org/CVERecord?id=CVE-2026-44775
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44775.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-44775
Aliases
  • GHSA-6gc9-6r8p-5wg2
Published
2026-05-26T17:27:11.008Z
Modified
2026-07-08T08:13:29.503632738Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
Kavita: No authentication at /api/Reader/image
Details

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with [AllowAnonymous], allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Since entity IDs are sequential integers, an unauthenticated attacker can trivially enumerate all content on the server. This vulnerability is fixed in 0.9.0.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-306"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44775.json"
}
References

Affected packages

Git / github.com/kareadita/kavita

Affected ranges

Type
GIT
Repo
https://github.com/kareadita/kavita
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.9.0"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

v0.*
v0.1
v0.2
v0.3
v0.4.1.1
v0.4.2
v0.4.3
v0.4.5
v0.4.6
v0.4.8
v0.4.9
v0.5.0
v0.5.1
v0.5.2
v0.5.2.3
v0.5.2.5
v0.5.3
v0.5.4
v0.5.5
v0.7.1.4
v0.7.10
v0.7.10.1
v0.7.10.2
v0.7.11
v0.7.11.1
v0.7.11.2
v0.7.12
v0.7.13
v0.7.14
v0.7.3
v0.7.3.1
v0.7.4
v0.7.5
v0.7.6
v0.7.7
v0.7.8
v0.7.9
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.3.2
v0.8.4
v0.8.4.2
v0.8.5
v0.8.5.11
v0.8.5.3
v0.8.6
v0.8.6.1
v0.8.6.2
v0.8.7
v0.8.8
v0.8.8.3
v0.8.9
v0.8.9.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44775.json"