Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use...

6.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Description

Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_profiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the context of the attacker's server. This issue has been patched in version 2.1.0.

Basic Information

ID CVE-2026-53521

Source GitHub_M

Published Jun 12, 2026 at 21:04

Affected Product

Vendor nezhahq

Product nezha

Version >= 2.0.14, < 2.1.0

Affected Versions nezhahq nezha >= 2.0.14, < 2.1.0

CWE Classification

CWE-863

References

github.com /nezhahq/nezha/security/advisories/GHSA-39g2-8x68-pmx8

{
    "lastseen": "",
    "description": "Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_profiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the context of the attacker's server. This issue has been patched in version 2.1.0.",
    "published": "2026-06-12T21:04:27.196Z",
    "modified": "2026-06-12T21:04:27.196Z",
    "type": "cve",
    "title": "Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context",
    "source": "GitHub_M",
    "references": "https://github.com/nezhahq/nezha/security/advisories/GHSA-39g2-8x68-pmx8",
    "id": "CVE-2026-53521",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "nezhahq nezha >= 2.0.14, < 2.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "nezha",
    "version": ">= 2.0.14, < 2.1.0",
    "vendor": "nezhahq",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user’s DDNS profile context_CVE-2026-53521