CVE-2026-44423

🔶 medium

Summary

ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by the caller's tenant. An authenticated user can read session records (SSH username, device UID, remote IP, terminal type, authenticated flag, timestamps) belonging to any other namespace. This vulnerability is fixed in 0.24.2.

CVSS Score

6.5

Medium

EPSS Score

0.0

Exploit Probability

Published Date

2026-05-13

First Seen: 2026-05-17

📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 47.8% of all 325,680 vulnerabilities in our database.

#169,892

Below average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: May 14, 2026

🔍 Exploitation Status

Poc

Proof-of-concept available

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

SSVC data provided by CISA

Last Modified 2026-05-15

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE IDs (Weakness Types)

CWE-639

CVE-2026-44423

Summary

📊 Relative Risk Intelligence

🎯 CISA SSVC Assessment Updated: May 14, 2026

📦 Affected Products 1

🔗 References 1

🔗 Related CVEs 3

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-44424	🔶 medium	6.5	0.0	ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever th...	2026-05-13
CVE-2026-44425	🔶 medium	5.4	0.1	ShellHub is a centralized SSH gateway. Prior to 0.24.2, the device list endpoint accepts user-controlled identifiers in ...	2026-05-13
CVE-2026-44426	🔶 medium	6.5	0.0		2026-05-13