CVE-2026-14611
Last modified
CVE-2026-14611 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. EPSS estimates a 0.25% chance of exploitation in the next 30 days.
Description
A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attack may be performed from remote. Upgrading to version 0.4.0 is sufficient to fix this issue. The name of the patch is 6d709229b5199f6769fb3cf763e5122dcc43c079. It is advisable to upgrade the affected component.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| DeepMyst | Mysti | 0.1; 0.2; 0.3; 0.4.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14611?
How severe is CVE-2026-14611?
How do I fix CVE-2026-14611?
Related CVEs from 2026
- CVE-2026-14606A security flaw has been discovered in RT-Thread up to 5.0.2…7.8
- CVE-2026-14607A weakness has been identified in RT-Thread up to 5.0.2. Thi…5.5
- CVE-2026-14608A security vulnerability has been detected in SourceCodester…4.3
- CVE-2026-14609A vulnerability was detected in SourceCodester CET Automated…5.6
- CVE-2026-1461The Simple Membership plugin for WordPress is vulnerable to …6.5
- CVE-2026-14610A flaw has been found in Open Asset Import Library Assimp up…5.3
- CVE-2026-14612Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth…4.2
- CVE-2026-14613A vulnerability was discovered in Keycloak's administrative …4.3
- CVE-2026-14614A flaw was found in the ClientResource component of Keycloak…5.4
- CVE-2026-14615A flaw was found in the Fine-Grained Admin Permissions (FGAP…4.3
- CVE-2026-14617A security vulnerability has been detected in NousResearch h…3.1
- CVE-2026-14618A vulnerability was detected in Open5GS up to 2.7.7. Affecte…4.3
Are you affected by CVE-2026-14611?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
