CVE-2026-0615

Summary

The Librarian supervisord status page can be retrieved by the web_fetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions.

Affected Software

VendorProductVersion RangeStatus
TheLibrarianTheLibrarian.io0 <= 1.0affected

Weaknesses

  • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References