CVE-2026-22104

EUVD-2026-45155
Improper access control in Hashtopolis server web-interface chunk activity component for versions prior to 0.14.8 allows any created account to read all cracked hashes of a Hashtopolis server instance.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
DIVDCNA
7.1 HIGH
NETWORK
LOW
LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/R:I
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
hashtopolishashtopolis
𝑥
< 0.14.8
CNA