CVE-2026-14723
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
In AD-Security AD_Miner 1.9.0, the Cache Handler component's request_a function in ad_miner/scripts/analyse_cache.py mishandles the sys.argv[1] argument, causing deserialization. The attack requires local access.
Risk Assessment
A local attacker could exploit deserialization to execute arbitrary code or manipulate cached data, threatening system confidentiality and integrity.
Recommendation
Update AD_Miner to the latest version after the pull request is accepted, or temporarily restrict local access to the system.
Original NVD description (English source)
A vulnerability was determined in AD-Security AD_Miner 1.9.0. Affected is the function request_a of the file ad_miner/scripts/analyse_cache.py of the component Cache Handler. This manipulation of the argument sys.argv[1] causes deserialization. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.

