PatchSiren

Mysterium Network CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL Mysterium Network CVE published 2026-07-08

CVE-2026-31309

CVE-2026-31309 is a critical vulnerability in Mysterium Node versions from v1.21.1-rc0 before v1.36.0. The issue lies in improper authorization in the /tequilapi/config/user endpoint, allowing an unauthenticated attacker to overwrite node configuration via a crafted POST request, potentially leading to full node takeover. This vulnerability has a CVSS score of 9.8, indicating a high severity level. Users [truncated]