CVE-2026-30994

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 15, 2026

Vendor unknown

Description

Incorrect access control in the config.php component of Slah v1.5.0 and below allows unauthenticated attackers to access sensitive information, including active session credentials.

References

https://cve.joaopaulodeoliveira.dev/cve.php/published/CVE-2026-30994
https://cve.joaopaulodeoliveira.dev/cve.php/reserved/slah-informatica-sensitive-data-exposure