CVE-2026-10741
MediumCVSS 5.9Exploitation Probability (EPSS)
Low risk17th percentile — higher than 17% of all known CVEs
Summary
Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials.
Risk Assessment
This vulnerability may lead to unauthorized access to sensitive data, posing a risk to the organization's security.
Recommendation
It is recommended to upgrade Sonatype Nexus Repository Manager to version 3.93.0 or later to mitigate this vulnerability.
Original NVD description (English source)
Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the proxy repository configuration that allows a delegated repository administrator to disclose stored upstream proxy credentials.

