Back to CVE List

CVE-2026-11403

Vulnerability Description

A vulnerability in Sonatype Nexus Repository Manager's format-specific API key generation may allow a remote attacker to gain unauthorized access to repository operations as a targeted user. A format-specific API key realm (NuGet API Key, Docker Bearer Token, or npm Bearer Token) must be enabled and the targeted user must have an active API key for this vulnerability to be exploitable.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-331
Source
NVD
Vendor
Sonatype
Product
Nexus Repository Manager

External References

Discussion (0)

Add Comment

No comments yet. Be the first!