CVE-2026-14504
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jul 14, 2026
Vendor
unknown
Description
An authorization bypass in Nexus Repository 3's component upload API allowed a user with only read/browse privileges on a Swift, Terraform, or Conda hosted repository to upload arbitrary artifacts, bypassing the intended write-permission check.