VIR Vulnerability Intelligence Relay

Package impact

golang Go / github.com/shellhub-io/shellhub

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-44426 medium 6.5 6.5 15d ago ShellHub has cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasses membership check
CVE-2026-44424 medium 6.5 6.5 15d ago ShellHub has cross-tenant IDOR in `GET /api/devices/:uid` that discloses device data of any namespace
CVE-2026-44423 medium 6.5 6.5 15d ago ShellHub has cross-tenant IDOR in `GET /api/sessions/:uid` that discloses SSH session data
CVE-2026-44425 medium 5.4 5.4 15d ago ShellHub has crash-DoS via field injection in filter and sort-by parameters