CVE Catalog

CVE-2026-3329

HighCVSS 8.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

36th percentile - higher than 36% of all known CVEs

Summary

A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.

Risk Assessment

This attack could lead to unauthorized access to user accounts, posing a significant threat to data security within the organization.

Recommendation

It is recommended to implement strong password policies and monitor login attempts to detect and block suspicious activities.

Original NVD description (English source)

A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS