maziggy - Security Researcher - Exploit Intelligence Platform

CVE-2026-25505 WRITEUP CRITICAL WRITEUP

Pypi Bambuddy < 0.1.7 - Missing Authentication

Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7.

CVSS 9.8

View Code

CVE-2026-25505 WRITEUP CRITICAL WRITEUP

Pypi Bambuddy < 0.1.7 - Missing Authentication

Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7.

CVSS 9.8

View Code

CVE-2026-25505 WRITEUP CRITICAL WRITEUP

Pypi Bambuddy < 0.1.7 - Missing Authentication

Bambuddy is a self-hosted print archive and management system for Bambu Lab 3D printers. Prior to version 0.1.7, a hardcoded secret key used for signing JWTs is checked into source code and ManyAPI routes do not check authentication. This issue has been patched in version 0.1.7.

CVSS 9.8

View Code