CVE-2026-11403
Vulnerability Description
A vulnerability in Sonatype Nexus Repository Manager's format-specific API key generation may allow a remote attacker to gain unauthorized access to repository operations as a targeted user. A format-specific API key realm (NuGet API Key, Docker Bearer Token, or npm Bearer Token) must be enabled and the targeted user must have an active API key for this vulnerability to be exploitable.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-331
Source
NVD
Vendor
Sonatype
Product
Nexus Repository Manager
Discussion (0)
Add Comment
No comments yet. Be the first!