Tag

Cve-2026-6574

1 brief RSS

osuuu LightPicture Hardcoded Credentials Vulnerability (CVE-2026-6574)

CVE-2026-6574 allows remote attackers to manipulate the 'key' argument in the /public/install/lp.sql file via the API Upload Endpoint in osuuu LightPicture <= 1.2.2, leading to hardcoded credentials exposure.

cve-2026-6574 hardcoded-credentials web-application

2r 1t 1c 2w ago