CVE-2026-50892
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jun 15, 2026
Vendor
unknown
Description
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request.