Security Advisory

CVE-2026-35175

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-06 17:51:54

Last updated 2026-04-07 15:59:22

Assigner GitHub_M

State PUBLISHED

Description

Ajenti is a Linux and BSD modular server admin panel. Prior to 2.2.15, an authenticated user (using the auth_users plugin authentication method) could install a custom package even if this user is not superuser. This vulnerability is fixed in 2.2.15.

← Browse all CVEs View on cve.org ↗