CVE-2026-46716

Published Jun 12, 2026

Last updated 15 hours ago

CVSS critical 9.9

Overview

Description
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, a RoleMember user can create a scheduled cron task with Cover=CronCoverAll, Servers=[] and an arbitrary Command. At every tick of the scheduler, the dashboard pushes that command to every server in the global ServerShared map — including servers that belong to other tenants (admin's servers, other members' servers). Each agent runs the command and returns the output, which is then sent to the attacker's own NotificationGroup → attacker-controlled webhook. This issue has been patched in version 2.0.8.
Source
security-advisories@github.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.9
Impact score
6
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-78

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2026-46716: Critical command execution risk in Nezha monitoring tool. RoleMember users may be able to execute arbitrary commands across all servers. ✅ Update Nezha immediately 🔎 https://t.co/tcagAgyEx8 #CVE #Nezha #ServerSecurity #CyberSecurity #Vulert https://t.co/

    @vulert_official

    25 May 2026

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.