CVE Catalog

CVE-2026-50870

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.15%

4th percentile — higher than 4% of all known CVEs

Summary

CVE-2026-50870 is an information disclosure vulnerability in the configuration endpoint of Ben Busby's whoogle-search v1.2.3, allowing attackers to obtain sensitive information via a crafted GET request.

Risk Assessment

Organizations may be exposed to the disclosure of confidential information, potentially leading to further attacks or data breaches.

Recommendation

It is recommended to update to the latest version of whoogle-search and monitor logs for potential exploitation attempts.

Original NVD description (English source)

An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS