CVE-2026-1194

MEDIUM

MineAdmin 1.x/2.x - Information Disclosure in Swagger Component

Title source: llm
STIX 2.1

Description

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry technical-description
https://vuldb.com/?id.341779
Permissions Required, VDB Entry signature permissions-required
https://vuldb.com/?ctiid.341779
Third Party Advisory, VDB Entry third-party-advisory
https://vuldb.com/?submit.734271
Exploit, Issue Tracking, Mitigation, Third Party Advisory broken-link exploit issue-tracking
https://github.com/SourByte05/MineAdmin-Vulnerability/issues/5

Scores

CVSS v3 5.3
EPSS 0.0069
EPSS Percentile 47.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-200 CWE-284
Status published
Products (5)
mineadmin/mineadmin 1.0
mineadmin/mineadmin 2.0
mineadmin/mineadmin 1.0.0Packagist
n/a/MineAdmin 1.*
n/a/MineAdmin 2.*
Published Jan 20, 2026
Tracked Since Feb 18, 2026