CVE-2026-53520
Published 2026-06-12
Priority: P3 (34) | Severity: medium | CVSS 3.1 base score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.28% (19.9th percentile)
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing. This issue has been patched in version 2.1.0.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | nezhahq_nezha | >= 2.0.14 < 2.1.0 | 2.1.0 |
| nezhahq | nezha | — | — |
GHSA (published 2026-06-26)
CVE-2026-53520 [MEDIUM] CWE-284 Nezha Monitoring: Authenticated users can claim the dashboard Host through NAT and preempt all dashboard routing
### Summary
An authenticated non-admin user who owns any server can create or update a NAT profile whose `domain` is equal to the dashboard's own HTTP Host (for example, `dashboard.example:8008`). The dashboard's top-level HTTP/gRPC multiplexer checks `NATShared.GetNATConfigByDomain(r.Host)` before dispatching requests to the dashboard API, frontend, or gRPC handler, so a member-controlled NAT profile for the dashboard Host takes precedence over the real dashboard.
A disabled claimed NAT profile blocks matching dashboard requests before they reach the dashboard handler. An enabled claimed NAT profile routes matching requests into `ServeNAT`, which sends a NAT task to the membe
VulDB (published 2026-06-13, CVSS 6.5)
CVE-2026-53520 [MEDIUM] nezhahq nezha up to 2.0.x access control (GHSA-x6fg-52vr-hj4w)
A vulnerability classified as critical was found in nezhahq nezha up to 2.0.x. Affected is an unknown function. The manipulation results in improper access controls.
This vulnerability is identified as CVE-2026-53520. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is advised.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.