CVE Catalog

CVE-2026-10741

MediumCVSS 5.9
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile — higher than 17% of all known CVEs

Summary

Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials.

Risk Assessment

This vulnerability may lead to unauthorized access to sensitive data, posing a risk to the organization's security.

Recommendation

It is recommended to upgrade Sonatype Nexus Repository Manager to version 3.93.0 or later to mitigate this vulnerability.

Original NVD description (English source)

Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS