CVE Catalog

CVE-2026-14723

MediumCVSS 5.3
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

In AD-Security AD_Miner 1.9.0, the Cache Handler component's request_a function in ad_miner/scripts/analyse_cache.py mishandles the sys.argv[1] argument, causing deserialization. The attack requires local access.

Risk Assessment

A local attacker could exploit deserialization to execute arbitrary code or manipulate cached data, threatening system confidentiality and integrity.

Recommendation

Update AD_Miner to the latest version after the pull request is accepted, or temporarily restrict local access to the system.

Original NVD description (English source)

A vulnerability was determined in AD-Security AD_Miner 1.9.0. Affected is the function request_a of the file ad_miner/scripts/analyse_cache.py of the component Cache Handler. This manipulation of the argument sys.argv[1] causes deserialization. The attack can only be executed locally. The pull request to fix this issue awaits acceptance.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS