NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-25660

Summary	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permission to any user existing in CodeChecker. This issue affects CodeChecker: through 6.27.3.
Publication Date	April 24, 2026, 11:16 p.m.
Registration Date	April 25, 2026, 4:07 a.m.
Last Update	April 24, 2026, 11:39 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/Ericsson/codechecker/security/advisories/GHSA-4v9x-cqc5-j645	85b1779b-6ecd-4f52-bcc5-73eac4659dcf

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-863	不正な認証	https://cwe.mitre.org/data/definitions/863.html
2	CWE-290	スプーフィングによる認証回避	https://cwe.mitre.org/data/definitions/290.html