Loading market data...
← Back to CVE feed

CVE-2026-50892

UNKNOWN View on NVD ↗

Description

Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request.

Published: Jun 15, 2026 20:16 UTC Modified: Jun 16, 2026 15:49 UTC