CRITICAL
whyour
CVE published 2026-07-15
CVE-2026-55445
CVE-2026-55445 is a CRITICAL vulnerability in Qinglong timed task management platform versions prior to 2.20.1. The init guard middleware does not check /open/* paths after JWT authentication and guard have passed; an unauthenticated attacker can send PUT /open/user/init to reset administrator credentials on an initialized instance. This issue allows for potential unauthorized administrator credential res [truncated]