logo

Database

Improper authorization control for web services In github.com/projectdiscovery/nuclei/v3

Description

Nuclei: Local File Read via require() Module Loader Bypass in github.com/projectdiscovery/nuclei Nuclei: Local File Read via require() Module Loader Bypass in github.com/projectdiscovery/nuclei

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2026-416462. NVD-2026-416463. OSV-2026-416464. OSV-GO-2026-49655. GHSA-29rg-wmcw-hpf46. GCVE-2026-416467. GHSA-29rg-wmcw-hpf4

References

1. https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-29rg-wmcw-hpf42. https://github.com/projectdiscovery/nuclei/pull/73323. https://github.com/projectdiscovery/nuclei/commit/6f2ade6a9b427c284c15a43445f9c7f055e60e5d

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.