Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

quenary

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated ProductsRelated AssignersReports
2Vulnerabilities found
CVE-2026-23846
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-0.08% / 22.65%
||
7 Day CHG+0.01%
Published-19 Jan, 2026 | 19:42
Updated-05 Feb, 2026 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tugtainer vulnerable to Password Exposure via URL Query Parameter

Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially exposed through browser history, Referer headers, and proxy logs. Version 1.16.1 patches the issue.

Action-Not Available
Vendor-quenaryQuenary
Product-tugtainertugtainer
CWE ID-CWE-598
Use of GET Request Method With Sensitive Query Strings
CVE-2025-69201
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-8.1||HIGH
EPSS-0.07% / 20.85%
||
7 Day CHG-0.00%
Published-29 Dec, 2025 | 15:51
Updated-20 Feb, 2026 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tugtainer has RCE in Agent Command Execution Api

Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent `POST api/command/run`. Version 1.15.1 fixes the issue.

Action-Not Available
Vendor-quenaryQuenary
Product-tugtainertugtainer
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')