MEDIUM
pglombardo
CVE published 2026-05-08
CVE-2026-41308
CVE-2026-41308 is a security issue in OSS PasswordPusher that allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. This could bypass the intended authentication boundary for file push creation. The issue has been patched in versions 1.69.3 and 2.4.2.