Ghostwire

CVE-2026-16209: A vulnerability has been found in Gerapy up to 0.9.13. The impacted element is an unknown function of the file...

MEDIUM CVSS 7.3 Exploit Available 2 PoC

Published: July 19, 2026 | Last Modified: July 19, 2026

Description

A vulnerability has been found in Gerapy up to 0.9.13. The impacted element is an unknown function of the file gerapy/server/core/views.py of the component Project Upload Endpoint. Such manipulation leads to missing authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is bd4891c60315f17611a3b7a651ffe0fba7cfe71e. Applying a patch is advised to resolve this issue.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Proof-of-Concept Exploits (2)

Security Coverage (1 articles)

References