CVE 9.3 CRITICAL

Kavita: Pre-Auth Account Takeover_CVE-2026-47202

May 26, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Description

Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given knowledge of their username. This vulnerability is fixed in 0.9.0.2.

AI Analysis

Improper Token validation flaw permitting remote and unauthenticated threat actors to request a JWT for any user, including admins, given knowledge of their username.

Basic Information

ID CVE-2026-47202

Source GitHub_M

Published May 26, 2026 at 17:30

Affected Product

Vendor Kareadita

Product Kavita

Version < 0.9.0.2

Affected Versions Kareadita Kavita < 0.9.0.2

CWE Classification

CWE-287 CWE-345 CWE-697

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Kareadita

Product Kavita

Version < 0.9.0.2

References

{
    "lastseen": "",
    "description": "Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given knowledge of their username. This vulnerability is fixed in 0.9.0.2.",
    "published": "2026-05-26T17:30:55.961Z",
    "modified": "2026-05-26T17:30:55.961Z",
    "type": "cve",
    "title": "Kavita: Pre-Auth Account Takeover",
    "source": "GitHub_M",
    "references": "https://github.com/Kareadita/Kavita/security/advisories/GHSA-m2v3-fcjh-hm22\nhttps://github.com/Kareadita/Kavita/releases/tag/v0.9.0.2",
    "id": "CVE-2026-47202",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287",
        "CWE-345",
        "CWE-697"
    ],
    "cvelist": null,
    "sourceData": "Kareadita Kavita < 0.9.0.2",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Kavita",
    "version": "< 0.9.0.2",
    "vendor": "Kareadita",
    "ai_description": "Improper Token validation flaw permitting remote and unauthenticated threat actors to request a JWT for any user, including admins, given knowledge of their username.",
    "ai_severity": "Critical",
    "ai_vendor": "Kareadita",
    "ai_product": "Kavita",
    "ai_version": "< 0.9.0.2",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply