Platform: other
Component: birkir-prime
Fixed in: 0.4.1
A cross-site request forgery (CSRF) vulnerability has been identified in birkir prime versions up to 0.4.0.beta.0. This flaw allows an attacker to trick a user into performing actions they did not intend, potentially leading to unauthorized modifications or data breaches. The vulnerability affects an unspecified part of the code and is exploitable remotely. While a fix is pending, mitigation strategies can be implemented.
The CSRF vulnerability in birkir prime allows an attacker to craft malicious requests that appear to originate from a legitimate user. Successful exploitation could result in unauthorized changes to user settings, data manipulation, or even account takeover, depending on the functionality exposed by the application. The remote nature of the vulnerability expands the potential attack surface, as attackers don't need local access to exploit it. Given the public disclosure and availability of an exploit, the risk of exploitation is elevated.
This vulnerability was publicly disclosed on 2026-01-19. A proof-of-concept exploit is available, indicating a moderate to high probability of exploitation. The project maintainers have been notified but have not yet responded, increasing the risk to users. It is not currently listed on CISA KEV.
Users of birkir prime versions 0.4.0.beta–0.4.0.beta are at risk, particularly those who rely on the application for sensitive data or operations. Shared hosting environments where multiple users share the same instance of birkir prime are also at increased risk, as an attacker could potentially exploit the vulnerability to affect other users.
EPSS: 0.03% (9% percentile)
Due to the lack of a released patch, immediate mitigation focuses on reducing the attack surface and detecting malicious requests. Implement a Web Application Firewall (WAF) with CSRF protection rules to filter out suspicious requests. Consider adding nonce tokens to sensitive actions to verify request authenticity. Regularly review and audit the application's code for potential CSRF vulnerabilities. Until a patch is available, restrict access to sensitive functionality and educate users about the risks of clicking on untrusted links.
Update to a fixed version if one is available. Otherwise, review the affected code and apply the necessary measures to prevent CSRF attacks. See the provided references for further details on the vulnerability and possible solutions.
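The nonce-token mitigation recommended above, as an added example that is not birkir prime's code and not part of the original advisory: a session-bound CSRF token verified on every state-changing request, combined with an Origin check. The header name `x-csrf-token`, the plain-object request shape and the function names are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Assumption: a server-side secret; in a real deployment load it from configuration
// so that tokens survive restarts and work across instances.
const SECRET = crypto.randomBytes(32);
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS"]);

// HMAC over the session id and nonce; the length prefix keeps the fields unambiguous.
function mac(sessionId, nonce) {
  return crypto.createHmac("sha256", SECRET)
    .update(`${sessionId.length}!${sessionId}!${nonce}`)
    .digest("hex");
}

// Issue a token bound to the caller's session; embed it in forms or return it to the client.
function issueToken(sessionId) {
  const nonce = crypto.randomBytes(16).toString("hex");
  return `${nonce}.${mac(sessionId, nonce)}`;
}

function verifyToken(sessionId, token) {
  if (typeof token !== "string") return false;
  const [nonce, sig, ...rest] = token.split(".");
  if (!nonce || !sig || rest.length) return false;
  const expected = Buffer.from(mac(sessionId, nonce));
  const given = Buffer.from(sig);
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}

// Decide whether a request may proceed. `req` is a plain object (hypothetical shape:
// method, sessionId, headers) so the check runs without a web framework.
function allowRequest(req, trustedOrigin) {
  if (SAFE_METHODS.has(req.method)) return true; // safe methods must never change state
  const origin = req.headers["origin"];
  if (origin !== undefined && origin !== trustedOrigin) return false;
  return verifyToken(req.sessionId, req.headers["x-csrf-token"]);
}
```

A forged cross-site request carries the victim's session cookie but cannot read or compute the token, so it fails `allowRequest`; this only holds if GET handlers perform no state changes.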
CVE-2026-1169 is a cross-site request forgery (CSRF) vulnerability affecting birkir prime versions up to 0.4.0.beta.0, allowing attackers to perform unauthorized actions.
Yes, if you are using birkir prime version 0.4.0.beta–0.4.0.beta, you are potentially affected by this vulnerability.
A patch is not yet available. Mitigate by implementing WAF rules, adding nonce tokens, and restricting access to sensitive functionality.
A public exploit exists, indicating a moderate to high probability of active exploitation.
Check the birkir prime project's official website or repository for updates and advisories, although the maintainers have not yet responded to the vulnerability report.