CRITICALCVE-2026-32295Published Modified CNA cisa-cg
CVE-2026-32295: JetKVM insufficient login rate limiting
JetKVM before 0.5.4 does not rate limit login requests, enabling brute-force attempts to guess credentials.
Metrics
- CVSS v4.0
- 9.3
- Severity
- CRITICAL
- Fixed in
- 0.5.4
- Affected Products
- 1
Affected packages
- JetKVM / JetKVM< 0.5.4 (from 0)Fixed in 0.5.4
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H