CVE-2026-1194 MEDIUM

CVE-2026-1194: MineAdmin Swagger information disclosure

Vendor N/A

Product MineAdmin

Weakness CWE-200 · Info exposure

Published January 19, 2026

Last update March 25, 2026

View on NVD All CVEs

CVSS base score

6.9/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A security flaw has been discovered in MineAdmin 1.x/2.x. This affects an unknown function of the component Swagger. The manipulation results in information disclosure. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

January 19, 2026 CVE published

March 25, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-1194 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2026-32270 Craft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous payments CVE-2024-47080 matrix-js-sdk keys sent via `sendSharedHistoryKeys` vulnerable to interception by malicious homeserver CVE-2024-53862 Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode CVE-2021-39008 IBM QRadar WinCollect Agent information disclosure CVE-2024-39822 Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure

Identifiers

CVE CVE-2026-1194

CWE CWE-200

CVSS 6.9 / MEDIUM

Affected versions

Vendor N/A

Product MineAdmin

Affected 1.*

Vendor N/A

Product MineAdmin

Affected 2.*