Authorization Bypass Vulnerability in Dashboard Module of geex-arts Django-Jet
CVE-2026-16214

5.3MEDIUM

Key Information:

Vendor

Geex-arts

Vendor
CVE Published:
19 July 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2026-16214?

A security flaw has been discovered in the dashboard module of geex-arts' Django-Jet up to version 1.0.8. This vulnerability allows unauthorized access through the manipulation of specific functions in the jet/dashboard/views.py file. The nature of the exploit enables remote execution, making it particularly concerning as the method to exploit the vulnerability is publicly accessible. Despite an early report to the project maintainers, no response has been received, raising the stakes for those using this version.

Affected Version(s)

django-jet 1.0.0

django-jet 1.0.1

django-jet 1.0.2

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

GalaxynX (VulDB User)
VulDB CNA Team
.