CVE-2026-25660

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 24, 2026

Vendor unknown

Description

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permission to any user existing in CodeChecker. This issue affects CodeChecker: through 6.27.3.

References

https://github.com/Ericsson/codechecker/security/advisories/GHSA-4v9x-cqc5-j645