ByteOS Network

cocoteanet

Source -

NVD

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2026-2693

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-0.02% / 6.10%

7 Day CHG~0.00%

Published-19 Feb, 2026 | 02:32

Updated-20 Feb, 2026 | 19:34

CoCoTeaNet CyreneAdmin System Info Endpoint getCount improper authorization

A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Vendor-cocoteanet CoCoTeaNet

Product-cyreneadmin CyreneAdmin

CWE ID-CWE-266

Incorrect Privilege Assignment

CWE ID-CWE-285

Improper Authorization

CVE-2026-2692

Assigner-VulDB

View Details

Assigner-VulDB

CVSS Score-5.3||MEDIUM

EPSS-0.04% / 10.58%

7 Day CHG~0.00%

Published-19 Feb, 2026 | 02:02

Updated-20 Feb, 2026 | 19:34

CoCoTeaNet CyreneAdmin Image getAvatar path traversal

A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This affects an unknown part of the file /api/system/user/getAvatar of the component Image Handler. Performing a manipulation of the argument Avatar results in path traversal. The attack can be initiated remotely. The exploit has been made public and could be used.

Vendor-cocoteanet CoCoTeaNet

Product-cyreneadmin CyreneAdmin

CWE ID-CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')