Description
TheLibrarians web_fetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- none
- Availability
- none
- Weaknesses
- NVD-CWE-noinfo
Metadata
- Primary Vendor
- THELIBRARIAN
- Published
- 1/16/2026
- Last Modified
- 1/23/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
thelibrarian : the_librarian
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.