Main Vulnerability Database Exploits ID:12553 - Exploit for Improper access control in lupa - CVE-2026-34444

ID:12553 - Exploit for Improper access control in lupa - CVE-2026-34444

Published: April 7, 2026

Vulnerability identifier: #VU125026

Vulnerability risk: High

CVE-ID: CVE-2026-34444

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
lupa

Link to public exploit:

https://github.com/scoder/lupa/security/advisories/GHSA-69v7-xpr6-6gjm/#poc

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to incomplete attribute_filter enforcement in getattr / setattr. A remote attacker can bypass implemented security restrictions and execute arbitrary code on the target system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:12553 - Exploit for Improper access control in lupa - CVE-2026-34444

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human