CVE-2026-53521 | THREATINT

Description

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_profiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the context of the attacker's server. This issue has been patched in version 2.1.0.

PUBLISHED Reserved 2026-06-09 | Published 2026-06-12 | Updated 2026-06-15 | Assigner GitHub_M

MEDIUM: 6.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Problem types

CWE-863: Incorrect Authorization

Product status

>= 2.0.14, < 2.1.0

affected

References

github.com/.../nezha/security/advisories/GHSA-39g2-8x68-pmx8 exploit

github.com/.../nezha/security/advisories/GHSA-39g2-8x68-pmx8

cve.org (CVE-2026-53521)

nvd.nist.gov (CVE-2026-53521)

Download JSON