CVE-2026-50892
EUVD-2026-3679015.06.2026, 20:16
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.