Shellhub-io Shellhub
4 CVEs affecting Shellhub-io Shellhub. Latest disclosed: 2026-05-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44426 | Medium | 6.5 | 2026-05-13 | ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/namespaces/:tenant returns the full namespace object — including the members list (user IDs, e… |
CVE-2026-44424 | Medium | 6.5 | 2026-05-13 | ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever the caller is authenticated, without veri… |
CVE-2026-44423 | Medium | 6.5 | 2026-05-13 | ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by… |
CVE-2026-44425 | Medium | 5.4 | 2026-05-13 | ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in the the name field of each filter prope… |