216.73.216.169

CVE-2026-54652

· Published 08/07/2026 17:16 · Author: The MITRE Corporation

Labels: CVE-2026-54652

Essential information

Published
08/07/2026 17:16
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.1 HIGH (v3.1)
CISA KEV
No
CWE
CWE-269
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS metrics

Description

Frigate is an open source network video recorder. In version 0.17.1, the GET /api/logs/{service} endpoint allows any authenticated user including the viewer role to download Frigate and nginx logs, exposing auto-generated admin passwords and camera credentials logged in request query strings and enabling viewer-to-admin privilege escalation. A fixed release has not been identified.

NVD status

NVD
View on NVD