Loading market data...
← Back to CVE feed

CVE-2026-39087

CRITICAL CVSS 9.8 View on NVD ↗

Description

An issue in Ntfy ntfy.sh before v.2.21 allows a remote attacker to execute arbitrary code via the parseActions function

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Published: Apr 23, 2026 16:16 UTC Modified: Apr 23, 2026 19:17 UTC